Home page logo

nmap-dev logo Nmap Development mailing list archives

GSoC 2011 My Two Ideas(more accurate explanation of these ideas)
From: Eugene Melnichenko <my.email.eugene () gmail com>
Date: Thu, 24 Mar 2011 13:24:36 +0200

I recently wrote about my two ideas:
1. Possible threat category (keylogger, backdoor, etc.) and its level
(Malware detection).
2. What programming language was used, a possible country of origin,
etc. (Malware and Exploit).
Here is a more accurate explanation of these ideas
Now, in order:
Definitions programming language and country of origin:
As far as I know, the compiler makes an entry in the header of the
executable file and the signature can be determined by the code of the
initial installation.
Possible countries of origin can try to determine on the comments in the code.

Now about Possible threat category (keylogger, backdoor, etc.) and its level:
I thought to make the original knowledge base, and once a week to
update base new descriptions.
If the user needs to the description, virus, spliots, keylogger,
backdoor and etc.
He chooses the necessary category and searches for necessary description.

I also thought about the development of the scanner, in which this
could all be realized (Definitions programming language and country of
origin and Possible threat category (keylogger, backdoor, etc.) and
its level).
Knowledge base can be done separately (I think it will be useful).

I have attached the files(documentation and my development(scanner).
If they do not come tell me how send them to you?

Attachment: Scaner.zip

Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]