From:	 Michal Zalewski <lcamtuf@bos.bindview.com>
To:	 SECTOOLS@SECURITYFOCUS.COM
Subject: Fenris 0.02 (and some hints)
Date:	 Thu, 9 May 2002 10:41:29 -0400 (EDT)


I'd like to announce the availability of Fenris 0.02. Fenris is a GPLed
reverse engineering, debugging, and computer forensics tool that combines
many unique features. To read more propaganda, or to download the
documentation and sources, please go to the project's homepage,
http://razor.bindview.com/tools/fenris/ .

In this release, which was made possible thanks to many contributors, I
focused on providing some additional core functionality, some bugfixes,
and extending the fingerprints database. I also provided certain capabilities
useful for analysis of hostile code, such as run-time data modification.
To exercise new features, I came up with several hints on how to approach
"The Reverse Challenge" [http://project.honeynet.org/reverse] using
Fenris, and how to make the analysis much simpler. My quick write-up is
not intended to spoil the fun, so it is safe to have a look:
http://lcamtuf.coredump.cx/fenris/reverse.txt

There are many interesting features still on the TODO list, and probably
even more things you'd like to see in a program like this. There's also a
handy amount of known bugs that are yet to be fixed. Your contributions,
even marginal, are of great value to this project.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/