Automation tools
Developing our own programs to do analysis may sometimes be a must. For example, if the program contains a decryption algorithm, we can develop a separate program that can run the same algorithm that may be used for similar programs with the same decryption algorithm. If we wanted to identify variants of the file we were analyzing, we could automate the identification for incoming files using one of the following:
- Python: This scripting language is popular because of its availability across multiple platforms. It is pre-installed in Linux operating systems; compiled binaries for Windows can be downloaded from https://www.python.org/.
- Yara: A tool and language from the developers of VirusTotal. It is capable of searching the contents of files for a set of binary or text signatures. Its most common application is in searching for malware remnants in a compromised system.
- Visual Studio: A piece of Microsoft software for coding and building programs. It can be used by reverse engineers...
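As an added illustration of the variant-identification idea above (example code written for this section, not taken from the book or from Yara), the following Python script checks incoming files against a small set of Yara-style signatures: plain text strings plus hex byte patterns in which `??` is a one-byte wildcard. The signature values and sample inputs are constructed for the example and do not describe any real malware family.

```python
import re
from pathlib import Path

# Constructed example signatures in a Yara-like form. "text" entries are
# byte strings that must appear verbatim; "hex" entries are byte patterns
# where "??" matches any single byte. Illustrative values only.
SIGNATURES = {
    "variant_a_marker": {"text": [b"UPDATE_SERVER_V1"],
                         "hex": ["6A ?? 68 ?? ?? ?? ?? E8"]},
    "variant_b_marker": {"text": [b"UPDATE_SERVER_V2"],
                         "hex": ["55 8B EC 83 EC ??"]},
}

def hex_pattern_to_regex(pattern: str) -> re.Pattern:
    """Translate a Yara-style hex string such as "6A ?? 68" into a bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")                       # wildcard: any one byte
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    # DOTALL so the wildcard also matches a 0x0A byte
    return re.compile(b"".join(parts), re.DOTALL)

def match_signatures(data: bytes, signatures=SIGNATURES) -> dict:
    """Return {rule_name: [matched pattern, ...]} for every rule that hits."""
    hits = {}
    for name, rule in signatures.items():
        matched = []
        for text in rule.get("text", []):
            if text in data:
                matched.append(text.decode())
        for hx in rule.get("hex", []):
            if hex_pattern_to_regex(hx).search(data):
                matched.append(hx)
        if matched:
            hits[name] = matched
    return hits

def scan_directory(folder: str, signatures=SIGNATURES) -> dict:
    """Scan every file under folder and report which rules each file matched."""
    report = {}
    for path in Path(folder).rglob("*"):
        if path.is_file():
            hits = match_signatures(path.read_bytes(), signatures)
            if hits:
                report[str(path)] = hits
    return report

# Constructed sample inputs standing in for incoming files.
SAMPLE_A = b"\x00\x01" + b"UPDATE_SERVER_V1" + bytes.fromhex("6A00689012000FE8")
SAMPLE_CLEAN = b"nothing to see here"

if __name__ == "__main__":
    print(match_signatures(SAMPLE_A))   # expected: variant_a_marker hits
```

Pointing `scan_directory` at a drop folder gives the per-file report the paragraph describes; for production use, the same rules are better expressed directly in Yara, which handles the wildcard and string matching far more efficiently.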