EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #76  
Old 11-02-2016, 08:49
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 817
Rept. Given: 475
Rept. Rcvd 1,149 Times in 307 Posts
Thanks Given: 72
Thanks Rcvd at 414 Times in 166 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
TechLord (11-02-2016)
  #77  
Old 11-02-2016, 11:21
TechLord TechLord is offline
VIP
 
Join Date: Mar 2005
Location: PlanetTech
Posts: 438
Rept. Given: 363
Rept. Rcvd 174 Times in 75 Posts
Thanks Given: 470
Thanks Rcvd at 866 Times in 217 Posts
TechLord Reputation: 100-199 TechLord Reputation: 100-199
Quote:
Originally Posted by mr.exodia View Post
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
I was thinking of the exact same thing for the past few days since the Beta version of the Protection ID was out...

Would be really nice if it could be ported to Yara

Thank you once again @evlncrn8 for this wonderful tool.

Just one quick suggestion :

Would it be possible to implement the Drag-and-Drop functionality in future versions if possible ?

For the last few versions we have to manually choose the file(s) or folder(s) ...

Thank you
Reply With Quote
  #78  
Old 11-02-2016, 22:04
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 817
Rept. Given: 475
Rept. Rcvd 1,149 Times in 307 Posts
Thanks Given: 72
Thanks Rcvd at 414 Times in 166 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by TechLord View Post
For the last few versions we have to manually choose the file(s) or folder(s) ...
Make sure ProtectionID runs with the same privs as your file browser. Windows has this annoying thing were privileges with drag/drop cannot cross...
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #79  
Old 11-03-2016, 00:56
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 585
Rept. Given: 321
Rept. Rcvd 211 Times in 105 Posts
Thanks Given: 63
Thanks Rcvd at 80 Times in 31 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by TechLord View Post
Protection ID v6.8.0 ( Halloween 2016) Released.
31-10-2016



Download Here :

Code:
http://pid.serveexchange.com/dl.php?f=ProtectionId.680.halloween.2016.rar
shows now
>>Internal server error. Please contact system administrator.

could be fixed or re-upped?
thx
Reply With Quote
  #80  
Old 11-03-2016, 01:27
mdj's Avatar
mdj mdj is offline
♀♥♂KAMDEV♂♥♀
 
Join Date: Nov 2011
Posts: 147
Rept. Given: 122
Rept. Rcvd 140 Times in 50 Posts
Thanks Given: 38
Thanks Rcvd at 14 Times in 7 Posts
mdj Reputation: 100-199 mdj Reputation: 100-199
Mirror link
http://rgho.st/6ZFMhWcSX
Reply With Quote
The Following User Says Thank You to mdj For This Useful Post:
sendersu (11-03-2016)
  #81  
Old 11-03-2016, 04:08
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 139
Rept. Given: 26
Rept. Rcvd 53 Times in 23 Posts
Thanks Given: 20
Thanks Rcvd at 29 Times in 17 Posts
evlncrn8 Reputation: 53
drag and drop should work, just make sure its open on the 'log' window (top left button), definitely works as i use it myself, in v7 it'll be a lot more commandline orientated and heavily customisable

as for the yara stuff, i'll see what i can do, worst case i can make it a plugin style kinda thing, just have to look at how yara works under the hood etc..

server error - i'd have to check up with empire on that but usually it automagically fixes itself
Reply With Quote
The Following 2 Users Say Thank You to evlncrn8 For This Useful Post:
sendersu (11-03-2016), TechLord (11-03-2016)
  #82  
Old 11-03-2016, 19:09
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 79
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 16 Times in 6 Posts
cybercoder Reputation: 11
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Reply With Quote
  #83  
Old 11-03-2016, 20:32
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 585
Rept. Given: 321
Rept. Rcvd 211 Times in 105 Posts
Thanks Given: 63
Thanks Rcvd at 80 Times in 31 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by cybercoder View Post
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Unfortunately not...

http://prntscr.com/d2jz57
Reply With Quote
  #84  
Old 11-03-2016, 20:45
virus virus is offline
Friend
 
Join Date: Apr 2002
Posts: 43
Rept. Given: 3
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 3
Thanks Rcvd at 0 Times in 0 Posts
virus Reputation: 2
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
It's up now. I've just downloaded it.
Reply With Quote
  #85  
Old 11-03-2016, 20:45
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 184
Rept. Given: 156
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 31
Thanks Rcvd at 53 Times in 16 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
cybercoder wants to tell you, try from PiD's homepage:

Code:
http://pid.gamecopyworld.com/
Reply With Quote
The Following 3 Users Say Thank You to MarcElBichon For This Useful Post:
cybercoder (11-04-2016), niculaita (11-04-2016), sendersu (11-04-2016)
  #86  
Old 01-03-2017, 09:40
Abaddon Abaddon is offline
Friend
 
Join Date: May 2016
Posts: 6
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 5
Thanks Rcvd at 7 Times in 2 Posts
Abaddon Reputation: 0
New version out!

ProtectionId v 6.85 (December 2016)

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans.

http://pid.gamecopyworld.com

New users beware: staying true to its heritage, PId gets false positives from a lot of AVs.

How author remains dedicated to the project after all these years, is beyond me; you, sir, have my deepest respect.
Reply With Quote
The Following 6 Users Say Thank You to Abaddon For This Useful Post:
an0rma1 (01-12-2017), Apuromafo (01-04-2017), evlncrn8 (01-04-2017), giv (01-03-2017), niculaita (01-03-2017), s0me0n3 (03-16-2017)
  #87  
Old 05-24-2017, 17:09
Sky Sky is offline
Friend
 
Join Date: Aug 2004
Posts: 56
Rept. Given: 3
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 3
Thanks Rcvd at 3 Times in 3 Posts
Sky Reputation: 3
Quote:
Originally Posted by Abaddon View Post
New version out!

ProtectionId v 6.85 (December 2016)
Code:
Internal server error
on download
Reply With Quote
  #88  
Old 05-25-2017, 04:06
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 739
Rept. Given: 756
Rept. Rcvd 81 Times in 53 Posts
Thanks Given: 1,104
Thanks Rcvd at 88 Times in 64 Posts
niculaita Reputation: 81
http://www26.zippyshare.com/v/GTfUFSZU/file.html
__________________
Decode and Conquer
Reply With Quote
Reply

Tags
exeinfo, peid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IDA 6.8 Released N0P General Discussion 18 08-11-2015 00:39


All times are GMT +8. The time now is 03:19.


ICP05004977
vBulletin Security provided by vBSecurity v2.2.0 (Lite) - vBulletin Mods & Addons Copyright © 2017 DragonByte Technologies Ltd.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX