From: Semper Securus (sempersecurus@gmail.com)
Date: Sat Feb 11 2006 - 23:20:14 EST
These are two programs that run on *nix (I also think there areFreeBSD ports as well) that will emulate a vulnerable Windows box forthe purposes of collecting malware. We run a bunch of sensors over atShadowserver and these progams have been hugely successful incollecting current malware for analysis.
http://nepenthes.sourceforge.net/
http://www.mwcollect.org/
Good Luck !
Andre'--SemperSecurus
On 2/11/06, Ed Hotchkiss <edhotchkiss@gmail.com> wrote:> kind of off topic here to pen-testers, however somewhat related to> this question ... i was reading a bit back when i only had access to> win32 boxes; about a nix application made specifically for capturing> wild malware by acting as a specific honeypot, emulating services etc> to capture malware binaries, does anyone know of an example> application?>> -edward>> ------------------------------------------------------------------------------> Audit your website security with Acunetix Web Vulnerability Scanner:>> Hackers are concentrating their efforts on attacking applications on your> website. Up to 75% of cyber attacks are launched on shopping carts, forms,> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are> futile against web application hacking. Check your website for vulnerabilities> to SQL injection, Cross site scripting and other web attacks before hackers do!> Download Trial at:>> http://www.securityfocus.com/sponsor/pe
n-test_050831> ------------------------------------------------------------------------------->>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT