Exetools  

Go Back   Exetools > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #76  
Old 11-02-2016, 08:49
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 492
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 90
Thanks Rcvd at 711 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
TechLord (11-02-2016)
  #77  
Old 11-02-2016, 11:21
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,021 Times in 570 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by mr.exodia View Post
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
I was thinking of the exact same thing for the past few days since the Beta version of the Protection ID was out...

Would be really nice if it could be ported to Yara

Thank you once again @evlncrn8 for this wonderful tool.

Just one quick suggestion :

Would it be possible to implement the Drag-and-Drop functionality in future versions if possible ?

For the last few versions we have to manually choose the file(s) or folder(s) ...

Thank you
Reply With Quote
The Following User Says Thank You to TechLord For This Useful Post:
Indigo (07-19-2019)
  #78  
Old 11-02-2016, 22:04
mr.exodia mr.exodia is offline
Retired Moderator
 
Join Date: Nov 2011
Posts: 784
Rept. Given: 492
Rept. Rcvd 1,122 Times in 305 Posts
Thanks Given: 90
Thanks Rcvd at 711 Times in 333 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by TechLord View Post
For the last few versions we have to manually choose the file(s) or folder(s) ...
Make sure ProtectionID runs with the same privs as your file browser. Windows has this annoying thing were privileges with drag/drop cannot cross...
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
Indigo (07-19-2019)
  #79  
Old 11-03-2016, 00:56
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,066
Rept. Given: 332
Rept. Rcvd 223 Times in 115 Posts
Thanks Given: 234
Thanks Rcvd at 512 Times in 288 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by TechLord View Post
Protection ID v6.8.0 ( Halloween 2016) Released.
31-10-2016



Download Here :

Code:
http://pid.serveexchange.com/dl.php?f=ProtectionId.680.halloween.2016.rar
shows now
>>Internal server error. Please contact system administrator.

could be fixed or re-upped?
thx
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
Indigo (07-19-2019)
  #80  
Old 11-03-2016, 01:27
mdj's Avatar
mdj mdj is offline
♀♥♂KAMDEV♂♥♀
 
Join Date: Nov 2011
Posts: 159
Rept. Given: 141
Rept. Rcvd 139 Times in 49 Posts
Thanks Given: 79
Thanks Rcvd at 28 Times in 15 Posts
mdj Reputation: 100-199 mdj Reputation: 100-199
Mirror link
http://rgho.st/6ZFMhWcSX
Reply With Quote
The Following 2 Users Say Thank You to mdj For This Useful Post:
Indigo (07-19-2019), sendersu (11-03-2016)
  #81  
Old 11-03-2016, 04:08
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 179
Rept. Given: 36
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 49
Thanks Rcvd at 117 Times in 69 Posts
evlncrn8 Reputation: 54
drag and drop should work, just make sure its open on the 'log' window (top left button), definitely works as i use it myself, in v7 it'll be a lot more commandline orientated and heavily customisable

as for the yara stuff, i'll see what i can do, worst case i can make it a plugin style kinda thing, just have to look at how yara works under the hood etc..

server error - i'd have to check up with empire on that but usually it automagically fixes itself
Reply With Quote
The Following 3 Users Say Thank You to evlncrn8 For This Useful Post:
Indigo (07-19-2019), sendersu (11-03-2016), TechLord (11-03-2016)
  #82  
Old 11-03-2016, 19:09
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 114
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 22
Thanks Rcvd at 46 Times in 31 Posts
cybercoder Reputation: 11
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Reply With Quote
The Following User Says Thank You to cybercoder For This Useful Post:
Indigo (07-19-2019)
  #83  
Old 11-03-2016, 20:32
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,066
Rept. Given: 332
Rept. Rcvd 223 Times in 115 Posts
Thanks Given: 234
Thanks Rcvd at 512 Times in 288 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by cybercoder View Post
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Unfortunately not...

http://prntscr.com/d2jz57
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
Indigo (07-19-2019)
  #84  
Old 11-03-2016, 20:45
virus virus is offline
Friend
 
Join Date: Apr 2002
Posts: 55
Rept. Given: 3
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 17
Thanks Rcvd at 17 Times in 11 Posts
virus Reputation: 2
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
It's up now. I've just downloaded it.
Reply With Quote
The Following User Says Thank You to virus For This Useful Post:
Indigo (07-19-2019)
  #85  
Old 11-03-2016, 20:45
MarcElBichon MarcElBichon is offline
VIP
 
Join Date: Jan 2002
Posts: 268
Rept. Given: 355
Rept. Rcvd 151 Times in 57 Posts
Thanks Given: 246
Thanks Rcvd at 264 Times in 86 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
cybercoder wants to tell you, try from PiD's homepage:

Code:
http://pid.gamecopyworld.com/
Reply With Quote
The Following 4 Users Say Thank You to MarcElBichon For This Useful Post:
cybercoder (11-04-2016), Indigo (07-19-2019), niculaita (11-04-2016), sendersu (11-04-2016)
  #86  
Old 01-03-2017, 09:40
Abaddon Abaddon is offline
Friend
 
Join Date: May 2016
Posts: 43
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 181
Thanks Rcvd at 45 Times in 25 Posts
Abaddon Reputation: 3
New version out!

ProtectionId v 6.85 (December 2016)

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans.

http://pid.gamecopyworld.com

New users beware: staying true to its heritage, PId gets false positives from a lot of AVs.

How author remains dedicated to the project after all these years, is beyond me; you, sir, have my deepest respect.
Reply With Quote
The Following 7 Users Say Thank You to Abaddon For This Useful Post:
an0rma1 (01-12-2017), Apuromafo (01-04-2017), evlncrn8 (01-04-2017), giv (01-03-2017), Indigo (07-19-2019), niculaita (01-03-2017), s0me0n3 (03-16-2017)
  #87  
Old 05-24-2017, 17:09
Sky Sky is offline
Friend
 
Join Date: Aug 2004
Posts: 69
Rept. Given: 3
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 6
Thanks Rcvd at 15 Times in 11 Posts
Sky Reputation: 3
Quote:
Originally Posted by Abaddon View Post
New version out!

ProtectionId v 6.85 (December 2016)
Code:
Internal server error
on download
Reply With Quote
The Following User Says Thank You to Sky For This Useful Post:
Indigo (07-19-2019)
  #88  
Old 05-25-2017, 04:06
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,342
Rept. Given: 947
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,282
Thanks Rcvd at 479 Times in 338 Posts
niculaita Reputation: 89
http://www26.zippyshare.com/v/GTfUFSZU/file.html
__________________
Decode and Conquer
Reply With Quote
The Following User Says Thank You to niculaita For This Useful Post:
Indigo (07-19-2019)
  #89  
Old 12-25-2017, 05:03
Corsten Corsten is offline
Family
 
Join Date: Aug 2010
Location: world
Posts: 41
Rept. Given: 36
Rept. Rcvd 40 Times in 11 Posts
Thanks Given: 84
Thanks Rcvd at 85 Times in 26 Posts
Corsten Reputation: 40
ProtectionId v6.90
24 December 2017

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans
PEBrowse bugs are still there, the fixes were not ready for this release, they should be in for january, along with some other features
I also didnt find any taggant v2 samples, so that didnt make it into the release either, other things did though so i hope this release brings some pleasure to previous users.
Download:
Code:
https://pid.gamecopyworld.com/dl.php?f=ProtectionId.690.December.2017.rar

Last edited by Corsten; 12-28-2017 at 17:35.
Reply With Quote
The Following 5 Users Say Thank You to Corsten For This Useful Post:
Abaddon (12-25-2017), Asus (12-25-2017), chessgod101 (12-25-2017), Indigo (07-19-2019), tonyweb (12-25-2017)
  #90  
Old 12-25-2017, 19:16
tonyweb tonyweb is offline
Family
 
Join Date: Jan 2009
Posts: 190
Rept. Given: 190
Rept. Rcvd 95 Times in 36 Posts
Thanks Given: 1,901
Thanks Rcvd at 299 Times in 122 Posts
tonyweb Reputation: 95
@Corsten
Can you, please, provide a mirror?

"pid.mywire.org" is unreachable ...

Thanks and Regards,
Tony
__________________
Want to learn unpacking ... but I'm too stupid
Reply With Quote
The Following 2 Users Say Thank You to tonyweb For This Useful Post:
Indigo (07-19-2019), niculaita (12-25-2017)
Reply

Tags
exeinfo, peid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IDA 6.8 Released N0P General Discussion 18 08-11-2015 00:39


All times are GMT +8. The time now is 19:14.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )