I added Bottom Up Randomization to my SE_ASLR tool.
In this source code, I use a Windows Cryptographic Service Provider to generate random numbers.
SE_ASLR_V0_0_0_2.zip (https)
MD5: C835D1DDB64A68A1CD48CCF87AE03D18
SHA256: 1560BEE96CFC956A5E8954FEFD92ED227293418B19FE6B06D4ED703B6C50F4AC
To mark the occasion of my Malicious PDF Analysis workshop at Black Hat Europe 2012, I’m releasing version 0.0.12 of PDFiD and version 0.3.9 of pdf-parser.
The major change is that these 2 tools support Python 3 too now. And then there are a couple of bugfixes and new features given to me by readers.
You can find these tools on the PDF Tools page.
You can find a first release of my Network Appliance Forensic Toolkit here. This first release contains a tool for generic network appliances, but also works on memory dumps of PC operating systems like Windows.
This is a new version of TaskManager.xls with memory usage statistics, with code given to me by sciomathman.
I updated the code for 64-bit and edge cases.
TaskManager_V0_1_2.zip (https)
MD5: DEDB20DA6EE1A622DD3C234D07F5FE08
SHA256: 23EC10C7206BA43B56EF185E7C18EF528FD551FC0B34FFF9E4E183C37A114FF8
Didier Stevens 