Project Icewater Logo

Project Icewater

0
Free
Visit Website

This project provides open-source YARA rules for the detection of malware and malicious files. The anti-virus industry prefers names for a threat. This is my attempt to publish signatures as numbers. Since I find the naming of threats to be confusing and misleading I am attempting to locate threats in a phase-space so that their relationships can be measured, visualized and scientifically described. Each YARA signature in this archive is organized by a prefix and a 64 bit integer. The prefix is an index into file size and file type while the suffix is a 64 bit coordinate in a multi dimensional hyper space. Within a prefix, edit distance may be used to understand how two clusters relate to each other. The Starting Problem The basis of this research and this contribution to internet security is the idea of the Starting Problem which derives itself from Turing complete machines halting problem documented by Allen Turing in 1936. The staring problem I am defining thus: Knowing if a program should be allowed to run without running the program. My solution is to run about 4% of programs and by running them infer if the other 96% should be allowed to run. Icewater is the

FEATURES

ALTERNATIVES

A tool for malware analysts to search through base64-encoded samples and generate yara rules.

A tool to find XSS vulnerabilities in web applications

A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment

YARA syntax highlighting for Gtk-based text editors

Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.

Automated blind-xss search for Burp Suite

A tool that recovers passwords from pixelized screenshots

A program to manage yara ruleset in a database with support for different databases and configuration options.