A Graphical Wrapper for the Volatility Memory Forensic
The result of this project is an application to analyze a memory dump file, based on the Volatility framework. Volatility is an accurate, open-source tool for analyzing dump files; however, it has a command-line interface that makes the analysis process hard and time-consuming. Therefore, I developed a graphical wrapper for fast analysis of dump files, with additional abilities to produce human-readable reports.
A Wrapper for Windows Firewall
This application is a user-friendly wrapper to manage the built-in firewall of the Windows OS, with additional facilities to monitor network traffic such as network connections and packet rates. Moreover, this software provides a wide range of abilities to configure the Windows firewall by defining the desired rules, but in a simpler manner than the Windows firewall itself.
The Generic Unpacker Application
This generic unpacker can normalize and resolve the ambiguity of modern obfuscated malware, which is undetectable by traditional scanners. This efficient tool can unpack more than 300 recognized packers used to obfuscate malware. Moreover, it can unpack unknown and customized packers through dynamic unpacking based on memory dumping.
A Memory Dumper Application
This application images the memory of the operating system in both user and kernel space. It can produce a dump file of a specific process or of the entire system. The dump file can be used for any troubleshooting process or digital forensic analysis with the relevant tools.
The Dentist Office Management Application
This software was developed to manage a dentist's office information and procedures. It is Windows-based software that stores all patient records in a Microsoft Access database and provides a rapid search for finding the intended information among tens of thousands of records. Moreover, this application has the ability to back up and restore online.
A Hybrid Sandbox for Risk-free Analysis of Malware
This project led to the creation of a sandbox tool to analyze malware in a safe, risk-free environment. At first, we designed a user-level sandbox that was able to track simple malware but had no ability to react to it. Eventually, after a considerable amount of research, we extended our sandbox to track kernel-level APIs and implemented the ability to confront complicated malware. My M.Sc. thesis was a portion of this valuable project.
Human Emulator Robot
The massive rate of malware production caused the emergence of automated malware analysis tools such as sandboxes. Unfortunately, malware has become more complex and intelligent in recent years. Therefore, it can distinguish an automated analysis environment from a personal computer by watching for the behavior of a human, such as keystrokes or mouse movements, and it avoids executing in the analysis environment so as to remain hidden and anonymous. Hence, this useful tool is needed to emulate the behaviors of a human, just like a monkey, in order to detect and confront intelligent malware.