flare-fakenet-ng
flare-vm
flare-fakenet-ng | flare-vm | |
---|---|---|
2 | 23 | |
1,700 | 5,856 | |
1.8% | 1.5% | |
4.1 | 8.0 | |
8 days ago | 9 days ago | |
Python | PowerShell | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
flare-fakenet-ng
-
Ask HN: What is your home networking setup?
* INetSim [1]
Reverse engineering, and malware analysis skills will transfer to this task directly.
[0]: https://github.com/mandiant/flare-fakenet-ng
-
DYNAMIC MALWARE ANALYSIS WITH INTERNET
Hi, what you are looking for is Fakenet or the newer, separate version fakenet-ng https://github.com/fireeye/flare-fakenet-ng
flare-vm
-
Looking for x86 Assembly learning material
Follow the instructions here to setup a FLARE vm which will have all the tools you need for the labs in the book flare vm
-
Small company, small analysis Platform
FLARE VM: this is a boxstarter from Mandiant to add a bunch of tools to Windows for malware analysis
-
Home lab for cybersecurity
build it as a proxmox host and have a malware analysis VM (flare-vm for example - https://github.com/mandiant/flare-vm) you can then interact with it via Console or host another VM as an SSH jump box and ssh tunnel to port 3389 on the malware vm
- Ma poate ajuta cineva ? Am descărcat ceva de pe filelist si după am întâmpinat asta.
- Any sandbox app (Windows or Linux) that supports network routing?
-
OS Recommendations for DFIR
FLARE VM: a Windows toolkit for malware analysis from Mandiant: https://github.com/mandiant/flare-vm
-
L1 analysts, do you do malware analysis? If so how often?
I usually run it in virtualbox without guest additions, get one of those free windows 10 isos from microsoft and install the mandiant flare vm on it ( https://github.com/mandiant/flare-vm ), after everything is installed i keep a snapshot of the windows machine with everything set up so i dont have to do it all again and once its done i set the network to internal and set set up inetsim on remnux as well if im going to do dynamic analysis so that i have an internet simulator that the malware can talk to.
-
How do you setup a malware analysis sandbox?
I use https://any.run for quick stuff or just fire my FlareVM up.
- Any distro for forensic blue team?
- How to set up a laptop as a dedicated mal-lab that has access to my home network for malware to send and receive traffic but cannot propagate to the rest of my devices?
What are some alternatives?
flare-ida - IDA Pro utilities from FLARE team
commando-vm - Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
theZoo - A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
drakvuf-sandbox - DRAKVUF Sandbox - automated hypervisor-level malware analysis system
refinery - High Octane Triage Analysis
radare2 - UNIX-like reverse engineering framework and command-line toolset
flare-floss - FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Binance-APK-Analysis - Revealing secrets behind Binance Crypto Exchange platform through Android APK Analysis
Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
gef - GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
simplify - Android virtual machine and deobfuscator