Skip to content
/ red Public

A DECAF plugin which is used to bypass blue.exe

3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

poppycompass/red

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
configure
configure
 
 
plugin_cmds.h
plugin_cmds.h
 
 
red.c
red.c
 
 

Repository files navigation

red

====
A DECAF plugin which is used to bypass blue.exe

Description

セキュリティキャンプ全国大会2015,解析トラック15・16-D「仮想化技術を用いたマルウェア解析」課題プログラムblue.exeの仮想化検知回避プラグイン

Usage

(qemu) load_plugin <your_path>/DECAF/decaf/plugins/red/red.so
(qemu) red blue.exe

Install

$ cd <your_path>/DECAF/decaf/plugins
$ git clone https://github.com/poppycompass/red.git
$ cd red
$ ./configure --decaf-path=<your_path>/DECAF/decaf/
$ make

Author

poppycompass

About

A DECAF plugin which is used to bypass blue.exe

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages