From: Michal Zalewski <lcamtuf@bos.bindview.com>
To: SECTOOLS@SECURITYFOCUS.COM
Subject: Fenris 0.02 (and some hints)
Date: Thu, 9 May 2002 10:41:29 -0400 (EDT)

I'd like to announce the availability of Fenris 0.02. Fenris is a GPLed
reverse engineering, debugging, and computer forensics tool that combines
many unique features. To read more propaganda, or to download the
documentation and sources, please go to the project's homepage,
http://razor.bindview.com/tools/fenris/ .

In this release, which was made possible thanks to many contributors, I
focused on providing some additional core functionality, some bugfixes,
and extending the fingerprints database. I also provided certain
capabilities useful for analysis of hostile code, such as run-time data
modification.

To exercise new features, I came up with several hints on how to approach
"The Reverse Challenge" [http://project.honeynet.org/reverse] using
Fenris, and how to make the analysis much simpler. My quick write-up is
not intended to spoil the fun, so it is safe to have a look:

http://lcamtuf.coredump.cx/fenris/reverse.txt

There are many interesting features still on the TODO list, and probably
even more things you'd like to see in a program like this. There's also a
handy amount of known bugs that are yet to be fixed. Your contributions,
even marginal, are of great value to this project.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/