The original pdf file, is now available for download here.
Enjoy,
kyREcon
A.R.F v2.0 – News #1
***The following methods are not available for download yet.***
New methods added in:
SehDbgDetection Class
HardwareBreakPointDetection class
New Class added:
VirtualMachineDetection – Currently includes 6 new methods (2 for each) to detect VirtualPC, VMWare, and VirtualBOX. More methods are being developped to detect these 3 popular VMs.
What’s next…
Detecting SandBoxes. – Currently one method has been tested for the well-known SandBoxie, and more research is coming for other popular SandBoxes.
Phishing Attempts #1
Today I noticed 2 phishing attempts, targeting Lloyds TSB Bank and Hotmail accounts. Some really nice work there…
Well, you will have to zoom-in in order to enjoy the view, or just copy the location link of the image into your browser… :O)
Hotmail:
Lloyds TSB Bank:
Cheers,
KyREcon
A.R.F v2.0
I had promised that I will keep working on the Anti-Reversing Framework, so I am back on it.
Even if I don’t have a lot of free time, I am planning to release v2.0 before September.
The new version will include more debugger detection methods, as well as various methods to detect Virtual Machines such as VMWare, VirtualPC etc..
Finally, I am planning to add also some generic “attack” methods that the user will be able to use in case a debugger or a VM has been detected. However, this could be a feature of v2.1 later on, depending on the time I have available.
Stay tuned,
KyREcon
Windows Explorer DoS vulnerability
A recently discovered bug in Windows Explorer of Vista , 7 and Windows 8 versions that will cause the Windows explorer to crash through a specifically crafted file.
Cheers,
kyREcon
[social_share/]