ELF Parser neatly breaks down strings found inside of an ELF executable by URLs, strings, IP addresses, calls and network functions. This is where, ELFParser, combined with traffic analysis tools like WireShark and static analysis tools like hexdump, made the research a tad easier. I experienced this challenge when ascertaining the behavior of a hard-to-detect macOS and Linux malware packed in an ELF executable. Many virtualized malware analysis and sandboxing solutions exist to peek into Windows malware, but analyzing suspicious macOS or Linux binaries becomes slightly more challenging with limited tools available to study the behavior of these native executables. Whether you are a sysadmin, a threat intel analyst, a malware researcher, forensics expert, or even a software developer looking to build secure software, these 15 free tools from GitHub or GitLab can easily fit into your day-to-day work activities and provide added advantages.Įditor's note: This article, originally published in April 2016, has been updated to include tools that are currently in popular use.
0 kommentar(er)
