API Hooking

Ok, I admit it. I stumbled onto this term when I read the literature on CWSandbox from Mannheim. Since in Nepenthes we can simply send the newly fetched binaries to the sandboxes, I was triggered to find out what those binaries actually executed behind the scenes.

The method is called API hooking. A similar solution is used by Joebox, developed by a postgraduate student from Switzerland.

Anubis from Vienna, on the other hand, uses QEMU ... but if you google around you will find a paper written by a Symantec researcher refuting the use of virtual machines for this purpose.
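To make the hooking idea concrete, here is an added example of my own (not code from CWSandbox, Joebox, Anubis or Nepenthes): a minimal user-mode API-hooking monitor in Python. The real sandboxes hook native Windows API calls inside the monitored process; this example applies the same intercept-log-forward principle at interpreter level by swapping selected functions for logging wrappers. The `ApiHooks` class, `suspicious_sample()` stand-in and `summarize()` report are all constructed for this illustration.

```python
"""Added example: an API-hooking call monitor in the spirit of sandbox tracing.

ApiHooks, suspicious_sample() and summarize() are constructed for this
illustration; they are not code from CWSandbox, Joebox or Anubis.
"""
import builtins
import functools
import os
import tempfile


class ApiHooks:
    """Replace selected API functions with logging wrappers, keeping the
    originals so the hooks can be removed again (as a sandbox unhooks the
    monitored process when analysis ends)."""

    def __init__(self):
        self.log = []          # (api name, positional args, result or error)
        self._originals = []   # (module, name, original) for restoration

    def hook(self, module, name):
        original = getattr(module, name)

        @functools.wraps(original)
        def wrapper(*args, **kwargs):
            api = f"{module.__name__}.{name}"
            try:
                result = original(*args, **kwargs)
            except Exception as exc:
                # A failed call is still evidence of behaviour, so log it too.
                self.log.append((api, args, f"raised {type(exc).__name__}"))
                raise
            self.log.append((api, args, result))
            return result

        setattr(module, name, wrapper)
        self._originals.append((module, name, original))

    def unhook_all(self):
        # Restore in reverse order so repeated hooks on one name unwind cleanly.
        for module, name, original in reversed(self._originals):
            setattr(module, name, original)
        self._originals.clear()


def suspicious_sample(workdir):
    """Constructed stand-in for a fetched binary: drop a file, rename it,
    look around, then clean up. Harmless, but the call pattern is exactly
    what a sandbox behaviour report is built from."""
    dropped = os.path.join(workdir, "dropper.tmp")
    with open(dropped, "w") as fh:
        fh.write("payload placeholder")
    renamed = os.path.join(workdir, "dropper.exe")
    os.rename(dropped, renamed)
    os.listdir(workdir)
    os.remove(renamed)
    try:
        os.remove(renamed)        # second delete fails: logged as an error
    except FileNotFoundError:
        pass


def run_sample_under_hooks():
    """Install hooks, run the sample in a scratch directory, uninstall the
    hooks, and return the recorded call log."""
    hooks = ApiHooks()
    for name in ("rename", "listdir", "remove"):
        hooks.hook(os, name)
    hooks.hook(builtins, "open")   # the sample's open() resolves to this hook
    with tempfile.TemporaryDirectory() as workdir:
        try:
            suspicious_sample(workdir)
        finally:
            hooks.unhook_all()     # restore before the directory is torn down
    return hooks.log


def summarize(log):
    """Count calls per API, the kind of summary a sandbox report starts from."""
    counts = {}
    for api, _args, _result in log:
        counts[api] = counts.get(api, 0) + 1
    return counts


if __name__ == "__main__":
    trace = run_sample_under_hooks()
    for api, args, result in trace:
        shown = tuple(os.path.basename(a) if isinstance(a, str) else a for a in args)
        print(f"{api}{shown} -> {result!r}")
    print(summarize(trace))
```

The wrapper forwards every call to the original function, so the sample behaves exactly as it would unmonitored; only the log is new. Note that the failed second `os.remove` is recorded as well, since a sample that probes for files it has not yet dropped is as informative as one that succeeds.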
