• Posts Tagged ‘research’

    Visualizing Malicious PDF Entropy

    by  • February 11, 2011 • Uncategorized

    A couple months back I remember reading a post from Symantec about visualizing entropy to identify infected Microsoft documents. At the time it didn't really dawn upon me to visualize the PDF samples I had, but I did take a brief look into how ent...


    Updates, Reflections and More Plans

    by  • February 9, 2011 • Uncategorized

    In my last post I mentioned that I wanted to put together an API for my malpdfobj tool, so sharing could be easier. The good news is that I have the RESTful API functioning complete with interactive API documentation, Python interfaces and the abi...


    Releasing the malpdfobj Tool (beta)

    by  • January 1, 2011 • Uncategorized

    Progressing forward with my results from yesterday I was able to get most of the data I cared about in a JSON format. Having the JSON for each grouping of data was great, but didn't really do me any good because I could never get it into MongoDB t...


    Malware Sample Format in MongoDB

    by  • December 30, 2010 • Uncategorized

    I finally got a chance to sit down and work on the format for a malicious sample that would then get inserted into MongoDB. I am not certain if this is exactly how the final format will be represented, but it does work for now in storing a lot of ...
