Steps to configure mitmproxy for ssl interception in malware analysis.
wget https://snapshots.mitmproxy.org/5.0.1/mitmproxy-5.0.1-linux.tar.gz --output-document=mitmproxy.tgz
sudo tar -xzvf mitmproxy.tgz -C /usr/local/bin/
av-gantimurov
av-gantimurov
/ mitmproxy.md
Last active
March 14, 2023 09:06
Steps to configure mitmproxy for ssl interception in malware analysis
av-gantimurov
/ resources.md
Last active
November 27, 2024 20:04
List of resources for malware analysts
- Monappa K.A., "Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware" amazon.
- Sikorski M., Honig A., "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software" amazon.
- Ferrie P., "The "Ultimate" Anti-Debugging Reference" [free](https://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf
av-gantimurov
/ munpack-fix.sh
Last active
August 5, 2021 00:53
Fix munpack UTF-8 names in attachments
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| find . -type f -iname '*X=' | while read name | |
| do | |
| newname=$(echo "$name" | sed 's/[[:print:]]*\/=Xutf-8XBX//I; s/X=XXX=Xutf-8XBX//gI; s/X=$//' | base64 -d ) | |
| dir=$(echo $name | sed 's/\/=Xutf-8XBX[A-Za-z0-9X=/+-]\+//I') | |
| mv --verbose "$name" "${dir}/${newname}" | |
| done |
NewerOlder