EXETOOLS FORUM  

Go Back   EXETOOLS FORUM > General > Community Tools

Notices

Reply
 
Thread Tools Display Modes
  #76  
Old 11-02-2016, 08:49
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
The Following User Says Thank You to mr.exodia For This Useful Post:
TechLord (11-02-2016)
  #77  
Old 11-02-2016, 11:21
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 789
Rept. Given: 389
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 811
Thanks Rcvd at 1,795 Times in 478 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by mr.exodia View Post
@evlncrn8 out of interest, how many of your detection rules do you think would be portable to Yara? I think it could definitely improve the maintainability of the code and people can use the signatures with their favorite tools that support Yara.
I was thinking of the exact same thing for the past few days since the Beta version of the Protection ID was out...

Would be really nice if it could be ported to Yara

Thank you once again @evlncrn8 for this wonderful tool.

Just one quick suggestion :

Would it be possible to implement the Drag-and-Drop functionality in future versions if possible ?

For the last few versions we have to manually choose the file(s) or folder(s) ...

Thank you
Reply With Quote
  #78  
Old 11-02-2016, 22:04
mr.exodia's Avatar
mr.exodia mr.exodia is offline
Super Moderator
 
Join Date: Nov 2011
Posts: 855
Rept. Given: 496
Rept. Rcvd 1,154 Times in 308 Posts
Thanks Given: 92
Thanks Rcvd at 528 Times in 202 Posts
mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299 mr.exodia Reputation: 1100-1299
Quote:
Originally Posted by TechLord View Post
For the last few versions we have to manually choose the file(s) or folder(s) ...
Make sure ProtectionID runs with the same privs as your file browser. Windows has this annoying thing were privileges with drag/drop cannot cross...
__________________
x64dbg: http://x64dbg.com
My Blog: http://mrexodia.cf
Reply With Quote
  #79  
Old 11-03-2016, 00:56
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 825
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 163
Thanks Rcvd at 233 Times in 119 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by TechLord View Post
Protection ID v6.8.0 ( Halloween 2016) Released.
31-10-2016



Download Here :

Code:
http://pid.serveexchange.com/dl.php?f=ProtectionId.680.halloween.2016.rar
shows now
>>Internal server error. Please contact system administrator.

could be fixed or re-upped?
thx
Reply With Quote
  #80  
Old 11-03-2016, 01:27
mdj's Avatar
mdj mdj is offline
♀♥♂KAMDEV♂♥♀
 
Join Date: Nov 2011
Posts: 152
Rept. Given: 126
Rept. Rcvd 140 Times in 50 Posts
Thanks Given: 56
Thanks Rcvd at 19 Times in 9 Posts
mdj Reputation: 100-199 mdj Reputation: 100-199
Mirror link
http://rgho.st/6ZFMhWcSX
Reply With Quote
The Following User Says Thank You to mdj For This Useful Post:
sendersu (11-03-2016)
  #81  
Old 11-03-2016, 04:08
evlncrn8 evlncrn8 is offline
VIP
 
Join Date: Sep 2005
Posts: 163
Rept. Given: 35
Rept. Rcvd 54 Times in 24 Posts
Thanks Given: 42
Thanks Rcvd at 57 Times in 30 Posts
evlncrn8 Reputation: 54
drag and drop should work, just make sure its open on the 'log' window (top left button), definitely works as i use it myself, in v7 it'll be a lot more commandline orientated and heavily customisable

as for the yara stuff, i'll see what i can do, worst case i can make it a plugin style kinda thing, just have to look at how yara works under the hood etc..

server error - i'd have to check up with empire on that but usually it automagically fixes itself
Reply With Quote
The Following 2 Users Say Thank You to evlncrn8 For This Useful Post:
sendersu (11-03-2016), TechLord (11-03-2016)
  #82  
Old 11-03-2016, 19:09
cybercoder cybercoder is offline
Friend
 
Join Date: Aug 2005
Posts: 100
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 20
Thanks Rcvd at 26 Times in 14 Posts
cybercoder Reputation: 11
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Reply With Quote
  #83  
Old 11-03-2016, 20:32
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 825
Rept. Given: 324
Rept. Rcvd 216 Times in 110 Posts
Thanks Given: 163
Thanks Rcvd at 233 Times in 119 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Quote:
Originally Posted by cybercoder View Post
@sendersu you should try and download it from the main page. works just fine. Anti leech is in place..
Unfortunately not...

http://prntscr.com/d2jz57
Reply With Quote
  #84  
Old 11-03-2016, 20:45
virus virus is offline
Friend
 
Join Date: Apr 2002
Posts: 46
Rept. Given: 3
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 13
Thanks Rcvd at 6 Times in 2 Posts
virus Reputation: 2
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
It's up now. I've just downloaded it.
Reply With Quote
  #85  
Old 11-03-2016, 20:45
MarcElBichon MarcElBichon is offline
VIP
 
Join Date: Jan 2002
Posts: 200
Rept. Given: 186
Rept. Rcvd 154 Times in 55 Posts
Thanks Given: 73
Thanks Rcvd at 108 Times in 29 Posts
MarcElBichon Reputation: 100-199 MarcElBichon Reputation: 100-199
Quote:
Originally Posted by sendersu View Post
Unfortunately not...

http://prntscr.com/d2jz57
cybercoder wants to tell you, try from PiD's homepage:

Code:
http://pid.gamecopyworld.com/
Reply With Quote
The Following 3 Users Say Thank You to MarcElBichon For This Useful Post:
cybercoder (11-04-2016), niculaita (11-04-2016), sendersu (11-04-2016)
  #86  
Old 01-03-2017, 09:40
Abaddon Abaddon is offline
Friend
 
Join Date: May 2016
Posts: 17
Rept. Given: 0
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 38
Thanks Rcvd at 14 Times in 7 Posts
Abaddon Reputation: 1
New version out!

ProtectionId v 6.85 (December 2016)

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans.

http://pid.gamecopyworld.com

New users beware: staying true to its heritage, PId gets false positives from a lot of AVs.

How author remains dedicated to the project after all these years, is beyond me; you, sir, have my deepest respect.
Reply With Quote
The Following 6 Users Say Thank You to Abaddon For This Useful Post:
an0rma1 (01-12-2017), Apuromafo (01-04-2017), evlncrn8 (01-04-2017), giv (01-03-2017), niculaita (01-03-2017), s0me0n3 (03-16-2017)
  #87  
Old 05-24-2017, 17:09
Sky Sky is offline
Friend
 
Join Date: Aug 2004
Posts: 62
Rept. Given: 3
Rept. Rcvd 3 Times in 2 Posts
Thanks Given: 5
Thanks Rcvd at 7 Times in 6 Posts
Sky Reputation: 3
Quote:
Originally Posted by Abaddon View Post
New version out!

ProtectionId v 6.85 (December 2016)
Code:
Internal server error
on download
Reply With Quote
  #88  
Old 05-25-2017, 04:06
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,009
Rept. Given: 816
Rept. Rcvd 85 Times in 57 Posts
Thanks Given: 2,134
Thanks Rcvd at 210 Times in 129 Posts
niculaita Reputation: 85
http://www26.zippyshare.com/v/GTfUFSZU/file.html
__________________
Decode and Conquer
Reply With Quote
  #89  
Old 12-25-2017, 05:03
Corsten Corsten is offline
Family
 
Join Date: Aug 2010
Location: world
Posts: 35
Rept. Given: 34
Rept. Rcvd 39 Times in 10 Posts
Thanks Given: 57
Thanks Rcvd at 61 Times in 20 Posts
Corsten Reputation: 40
ProtectionId v6.90
24 December 2017

Quote:
Bugfixes, tweaked some code, and a few optimisations and new scans
PEBrowse bugs are still there, the fixes were not ready for this release, they should be in for january, along with some other features
I also didnt find any taggant v2 samples, so that didnt make it into the release either, other things did though so i hope this release brings some pleasure to previous users.
Download:
Code:
https://pid.gamecopyworld.com/dl.php?f=ProtectionId.690.December.2017.rar

Last edited by Corsten; 12-28-2017 at 17:35.
Reply With Quote
The Following 4 Users Say Thank You to Corsten For This Useful Post:
Abaddon (12-25-2017), Asus (12-25-2017), chessgod101 (12-25-2017), tonyweb (12-25-2017)
  #90  
Old 12-25-2017, 19:16
tonyweb tonyweb is offline
Family
 
Join Date: Jan 2009
Posts: 131
Rept. Given: 161
Rept. Rcvd 86 Times in 31 Posts
Thanks Given: 1,095
Thanks Rcvd at 134 Times in 66 Posts
tonyweb Reputation: 86
@Corsten
Can you, please, provide a mirror?

"pid.mywire.org" is unreachable ...

Thanks and Regards,
Tony
__________________
Want to learn unpacking ... but I'm too stupid
Reply With Quote
The Following User Says Thank You to tonyweb For This Useful Post:
niculaita (12-25-2017)
Reply

Tags
exeinfo, peid

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 11:50.


��ICP��05004977��
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX