./security/floss [FireEye Labs Obfuscated String Solver]
[+] Add this package to your ports tracker

[ CVSweb ] [ Homepage ] [ RSS feed ]

Version: 1.5.0, Package name: floss-1.5.0
Maintained by: Remi Pointel
Master sites:
The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis
techniques to automatically deobfuscate strings from malware binaries. You can
use it just like strings.exe to enhance basic static analysis of unknown
Rather than heavily protecting backdoors with hardcore packers, many malware
authors evade heuristic detections by obfuscating only key portions of an
executable. Often, these portions are strings and resources used to configure
domains, files, and other artifacts of an infection. These key features will not
show up as plaintext in output of the strings.exe utility that is commonly used
during basic static analysis.

Filesize: 102.304 KB
Version History (View Complete History)
  • (2018-03-30) Package added to openports.se, version floss-1.5.0 (created)
[show/hide] View available PLISTS (Can be a lot of data)