EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #76  
Old 11-02-2016, 08:49
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 822
Rept. Given: 476
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 73
Thanks Rcvd at 435 Times in 170 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
TechLord (11-02-2016)
  #77  
Old 11-02-2016, 11:21
TechLord TechLord is offline
VIP
 
Join Date: Mar 2005
Location: PlanetTech
Posts: 472
Rept. Given: 366
Rept. Rcvd 176 Times in 77 Posts
Thanks Given: 493
Thanks Rcvd at 904 Times in 236 Posts
TechLord Reputation: 100-199 TechLord Reputation: 100-199
Quote:
Originally Posted by mr.exodia View Post
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
I was thinking of the exact same thing for the past few days since the Beta version of the Protection ID was out...

Would be really nice if it could be ported to Yara

Thank you once again @evlncrn8 for this wonderful tool.

Just one quick suggestion :

Would it be possible to implement the Drag-and-Drop functionality in future versions if possible ?

For the last few versions we have to manually choose the file(s) or folder(s) ...

Thank you
Reply With Quote
  #78  
Old 11-02-2016, 22:04
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 822
Rept. Given: 476
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 73
Thanks Rcvd at 435 Times in 170 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by TechLord View Post
For the last few versions we have to manually choose the file(s) or folder(s) ...
Make sure ProtectionID runs with the same privs as your file browser. Windows has this annoying thing were privileges with drag/drop cannot cross...
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #79  
Old 11-03-2016, 00:56
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 620
Rept. Given: 321
Rept. Rcvd 212 Times in 106 Posts
Thanks Given: 71
Thanks Rcvd at 105 Times in 46 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by TechLord View Post
Protection ID v6.8.0 ( Halloween 2016) Released.
31-10-2016



Download Here :

Code:
http://pid.serveexchange.com/dl.php?f=ProtectionId.680.halloween.2016.rar
shows now
>>Internal server error. Please contact system administrator.

could be fixed or re-upped?
thx
Reply With Quote
  #80  
Old 11-03-2016, 01:27
mdj's Avatar
mdj mdj is offline
♀♥♂KAMDEV♂♥♀
 
Join Date: Nov 2011
Posts: 147
Rept. Given: 122
Rept. Rcvd 140 Times in 50 Posts
Thanks Given: 38
Thanks Rcvd at 15 Times in 7 Posts
mdj Reputation: 100-199 mdj Reputation: 100-199
Mirror link
http://rgho.st/6ZFMhWcSX
Reply With Quote
The Following User Says Thank You to mdj For This Useful Post:
sendersu (11-03-2016)
  #81  
Old 11-03-2016, 04:08
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 141
Rept. Given: 26
Rept. Rcvd 53 Times in 23 Posts
Thanks Given: 20
Thanks Rcvd at 30 Times in 18 Posts
evlncrn8 Reputation: 53
drag and drop should work, just make sure its open on the 'log' window (top left button), definitely works as i use it myself, in v7 it'll be a lot more commandline orientated and heavily customisable

as for the yara stuff, i'll see what i can do, worst case i can make it a plugin style kinda thing, just have to look at how yara works under the hood etc..

server error - i'd have to check up with empire on that but usually it automagically fixes itself
Reply With Quote
The Following 2 Users Say Thank You to evlncrn8 For This Useful Post:
sendersu (11-03-2016), TechLord (11-03-2016)
  #82  
Old 11-03-2016, 19:09
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 83
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 14
Thanks Rcvd at 20 Times in 9 Posts
cybercoder Reputation: 11
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Reply With Quote
  #83  
Old 11-03-2016, 20:32
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 620
Rept. Given: 321
Rept. Rcvd 212 Times in 106 Posts
Thanks Given: 71
Thanks Rcvd at 105 Times in 46 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by cybercoder View Post
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Unfortunately not...

http://prntscr.com/d2jz57
Reply With Quote
  #84  
Old 11-03-2016, 20:45
virus virus is offline
Friend
 
Join Date: Apr 2002
Posts: 43
Rept. Given: 3
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 3
Thanks Rcvd at 0 Times in 0 Posts
virus Reputation: 2
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
It's up now. I've just downloaded it.
Reply With Quote
  #85  
Old 11-03-2016, 20:45
MarcElBichon MarcElBichon is online now
VIP
 
Join Date: Jan 2002
Posts: 184
Rept. Given: 156
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 31
Thanks Rcvd at 53 Times in 16 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
cybercoder wants to tell you, try from PiD's homepage:

Code:
http://pid.gamecopyworld.com/
Reply With Quote
The Following 3 Users Say Thank You to MarcElBichon For This Useful Post:
cybercoder (11-04-2016), niculaita (11-04-2016), sendersu (11-04-2016)
  #86  
Old 01-03-2017, 09:40
Abaddon Abaddon is offline
Friend
 
Join Date: May 2016
Posts: 6
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 5
Thanks Rcvd at 7 Times in 2 Posts
Abaddon Reputation: 0
New version out!

ProtectionId v 6.85 (December 2016)

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans.

http://pid.gamecopyworld.com

New users beware: staying true to its heritage, PId gets false positives from a lot of AVs.

How author remains dedicated to the project after all these years, is beyond me; you, sir, have my deepest respect.
Reply With Quote
The Following 6 Users Say Thank You to Abaddon For This Useful Post:
an0rma1 (01-12-2017), Apuromafo (01-04-2017), evlncrn8 (01-04-2017), giv (01-03-2017), niculaita (01-03-2017), s0me0n3 (03-16-2017)
  #87  
Old 05-24-2017, 17:09
Sky Sky is offline
Friend
 
Join Date: Aug 2004
Posts: 56
Rept. Given: 3
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 3
Thanks Rcvd at 3 Times in 3 Posts
Sky Reputation: 3
Quote:
Originally Posted by Abaddon View Post
New version out!

ProtectionId v 6.85 (December 2016)
Code:
Internal server error
on download
Reply With Quote
  #88  
Old 05-25-2017, 04:06
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 762
Rept. Given: 764
Rept. Rcvd 81 Times in 53 Posts
Thanks Given: 1,175
Thanks Rcvd at 100 Times in 71 Posts
niculaita Reputation: 81
http://www26.zippyshare.com/v/GTfUFSZU/file.html
__________________
Decode and Conquer
Reply With Quote
Reply

Tags
exeinfo, peid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
IDA 6.8 Released N0P General Discussion 18 08-11-2015 00:39


All times are GMT +8. The time now is 12:46.


ICP05004977
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX