Didier Stevens

Thursday 29 March 2012

Update: SE_ASLR Version

Filed under: My Software,Update — Didier Stevens @ 9:14

I added Bottom Up Randomization to my SE_ASLR tool.

In this source code, I use a Windows Cryptographic Service Provider to generate random numbers.

SE_ASLR_V0_0_0_2.zip (https)
MD5: C835D1DDB64A68A1CD48CCF87AE03D18
SHA256: 1560BEE96CFC956A5E8954FEFD92ED227293418B19FE6B06D4ED703B6C50F4AC

Wednesday 14 March 2012

Update: PDFid And pdf-parser

Filed under: Uncategorized — Didier Stevens @ 9:15

To mark the occasion of my Malicious PDF Analysis workshop at Black Hat Europe 2012, I’m releasing version 0.0.12 of PDFiD and version 0.3.9 of pdf-parser.

The major change is that these 2 tools support Python 3 too now. And then there are a couple of bugfixes and new features given to me by readers.

You can find these tools on the PDF Tools page.

Monday 12 March 2012

NAFT Release

Filed under: My Software,Networking — Didier Stevens @ 19:41

You can find a first release of my Network Appliance Forensic Toolkit here. This first release contains a tool for generic network appliances, but also works on memory dumps of PC operating systems like Windows.

Monday 5 March 2012

Update: TaskManager.xls V0.1.2

Filed under: My Software,Update — Didier Stevens @ 12:03

This is a new version of TaskManager.xls with memory usage statistics, with code given to me by sciomathman.

I updated the code for 64-bit and edge cases.

TaskManager_V0_1_2.zip (https)
MD5: DEDB20DA6EE1A622DD3C234D07F5FE08
SHA256: 23EC10C7206BA43B56EF185E7C18EF528FD551FC0B34FFF9E4E183C37A114FF8

Blog at WordPress.com.