IDA Pro

September 25, 2018

THREAT RESEARCH

IDA-minsc Wins Second Place in Hex-Rays Plugins Contest

Ali Rizvi-Santiago of Cisco Talos recently tied for second place in the IDA plugin contest with a plugin named “IDA-minsc.” IDA is a multi-processor disassembler and debugger created by the company Hex-Rays, and this year there were 4 winners and 9 submissions in total. Every year, t…

September 13, 2018

THREAT RESEARCH

SigAnalyzer: Signature analysis with CASC

Executive summary: ClamAV Signature Creator (CASC) is an IDA Pro plugin that assists in the creation of ClamAV pattern signatures. We have enhanced this plugin to also analyze these signatures. The plugin highlights matching parts in a binary when it's given a particular signature. This function is he…

December 1, 2016

THREAT RESEARCH

Project FIRST: Share Knowledge, Speed up Analysis

Project FIRST is led by Angel M. Villegas. This post is authored by Holger Unterbrink. Talos is pleased to announce the release of the Function Identification and Recovery Signature Tool (FIRST). It is an open-source framework that allows sharing of knowledge about similar functions used across fil…