avast / ioc
Threat Intel IoCs + bits and pieces of dark matter
I'm interested in incorporating your rule set into a new project, however, I noticed that you haven't specified a license for the published content. This implies that all copyright ownership remains with you, restricting the ability for others to use, share, or modify the rules without your consent.
Would you consider adopting the Detection Rule License (DRL) for the rules published in this repository?
I have a couple of questions:
Looking at the picture on your article "close-up of cluster of WiFi related functions" and your github command list. You listed CMD 0x69 as wifi power? Does that mean in the firmware it actually sets more power to the wifi (maybe using an AT command to the esp)? And does that command have a parameter? I got a lot of people complaining about kettles and coffee machines losing connection and resetting them to access points. Would be nice to add a feature to have more power to the wifi using iBrew. I knew the command did something :-)
These commands did not show up when I run "ibrew sweep". But are in the firmware? CMD 0x0B and CMD 0x3F.
Since those both return StatusInvalid (0x69). Could I have a copy of the annotated (I can't imagine the names were there before in the firmware, like pin_carafe_test) IDA files? I can read and write assembler, but I have no experience in IDA. But I want to have a looksee for all the unknown things I encountered, mapping the protocol.
Can I place a copy of your article on the ibrew github page? So people can use it as further reference.
Tristan
Is anyone writing an Android app that can compare these lists to current or past installed apps?
The app list is necessary and appreciated, but esp. when they get this long (UltimaSMS) getting friends and family to manually reconcile is a non-starter.
Thank you for all you do to identify these malicious apps!
Dear dzzie,
You have mentioned the following in
"Binary Reuse of VB6 P-Code Functions" link https://decoded.avast.io/davidzimmer/reusing-vb6-p-code-functions/
The allocation at offset 0x18 is only required if we wish to use built in VB file operation commands or the MsgBox function.
Can you please show a vb6 source code example of how to implement this so that I can display MsgBox in a new thread in a vb6 standard exe compiled to pcode.
tiktok is virus
There is no download option to download the csv file so we can save it to our PC and open it in Excel and sort.
Perhaps next time save the file(s) in Google drive instead in the form of a spreadsheet?
Thank you very much for coining the term "Fleeceware" and providing the lists for iOS and Android. This is a very important step to fight scam apps and hopefully Apple and Google will react appropriately to stop them. Did you or do you have plans to directly contact Apple and Google regarding this matter and the data?
Our developer team would like to contribute more apps to the lists. Do you have a thought about a process for contributing?
We see following options for contributing:
(a) Create a pull request on github
(b) Add the scam apps here, directly in the issue
(c) Send you the identified apps as a list (to which email address?)
We would prefer variant (c) as this would give Avast the chance to check our data before it gets published.
Furthermore here are some suggestions for improving the lists:
We are pretty sure that many other developers, for example @keleftheriou, would also like to contribute to the topic.
Thank you very much in advance.
The team of 2kit consulting
http://2kit.de
Would be nice to be able to browse the fleeceware list on GitHub itself in plain text