Malware analysis tools

viper: Binary analysis and management framework

Viper is a binary analysis and management framework. Its fundamental objective is to provide a solution to easily organize your collection of malware and exploit samples, as well as the collection of scripts you have created or found over time, to facilitate your daily research.

Installation

Viper is written in Python and requires Python 2.7 to function properly. In this documentation we use Debian GNU/Linux based distributions, such as Ubuntu, as the reference platform. The following installation instructions should apply similarly to other distributions and possibly to Mac OS X as well, although that has not been properly tested.

Before proceeding, you should make sure you have the basic tools installed to be able to compile additional Python extensions:

$ sudo apt-get install gcc python-dev python-pip

In order to have support for certain modules, you will need to install the following dependencies too before proceeding:

$ sudo apt-get install libssl-dev swig

Core dependencies
Viper makes use of a number of Python libraries for its core functioning, which can be installed with the command:

$ sudo pip install SQLAlchemy PrettyTable python-magic

In addition, you should install ssdeep together with its Python binding pydeep. After you have downloaded the ssdeep source code from the official website, proceed as follows:

$ tar -zxvf ssdeep-X.XX.tar.gz
$ cd ssdeep-X.XX
$ ./configure && make
$ sudo make install
$ sudo pip install pydeep


Viper can retrieve files remotely through Tor. If you are interested in that feature, you should install SocksiPy:

$ sudo apt-get install python-socksipy

You will also need a running Tor daemon; refer to the official Tor website for setup instructions.
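A quick sanity check to run after the installation steps above, before launching Viper for the first time. This is an added example and not part of the Viper project; it assumes the `python` binary on PATH is the Python 2.7 interpreter Viper runs under (override with VIPER_PYTHON). It also covers the most common post-install pitfall: ssdeep's `make install` drops libfuzzy into /usr/local/lib, and until the loader cache is refreshed with `sudo ldconfig`, pydeep fails to import even though it installed fine.

```shell
#!/bin/sh
# Added example (not Viper's own code): verify Viper's dependencies.
# Assumption: VIPER_PYTHON (default "python") is the Python 2.7 interpreter.
PY="${VIPER_PYTHON:-python}"

# Return 0 if the named Python module imports cleanly, 1 otherwise.
check_module() {
    "$PY" -c "import $1" >/dev/null 2>&1
}

# Return 0 if the interpreter reports major.minor == 2.7.
check_python_version() {
    ver=$("$PY" -c 'import sys; print("%d.%d" % sys.version_info[:2])' 2>/dev/null)
    [ "$ver" = "2.7" ]
}

# Return 0 if the dynamic loader knows libfuzzy (installed by ssdeep's
# `make install`). If ssdeep built but this fails, run `sudo ldconfig`.
check_libfuzzy() {
    ldconfig -p 2>/dev/null | grep -q 'libfuzzy\.so'
}

# Run every check, print one line per item, return the number of failures.
run_checks() {
    failures=0
    if check_python_version; then echo "ok   python 2.7"
    else echo "FAIL $PY is not Python 2.7"; failures=$((failures + 1)); fi
    # Import names of the core pip packages from the installation section.
    for mod in sqlalchemy prettytable magic pydeep; do
        if check_module "$mod"; then echo "ok   module $mod"
        else echo "FAIL module $mod (pip install it)"; failures=$((failures + 1)); fi
    done
    if check_libfuzzy; then echo "ok   libfuzzy in loader cache"
    else echo "FAIL libfuzzy not found (try: sudo ldconfig)"; failures=$((failures + 1)); fi
    # SocksiPy is optional: without it only Tor retrieval is unavailable.
    if check_module socks; then echo "ok   module socks (Tor support)"
    else echo "note module socks missing; Tor retrieval disabled"; fi
    return "$failures"
}
```

Run it as `sh check_viper_deps.sh; echo "failures: $?"` (hypothetical file name) and fix every FAIL line before starting viper.py.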

Usage

$ ./viper.py


Tutorial


Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering
