Skip to content

r3oath/Amnesia

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

README.md

README.md

 
 

amnesia.py

amnesia.py

 
 

Repository files navigation

Amnesia

Copyright (c) 2013 Tristan Strathearn (r3oath@gmail.com)

What is it?

amnesia

Introducing Amnesia, a Layer 1 binary analysis system. Amnesia was designed for the initial analysis of an unknown EXE or DLL. It offers you the ability to view and search for strings, imports, exports, metadata, checksums and to even disassemble the code. This helpful for getting an overview of the file before diving in deeper with a debugger or a dynamic analysis framework.

metadata

I've designed the menu and interface to be as user friendly as possible and developed a built in tool similar to Less (on Linux) or More (on Windows) for dealing with large amounts of output. This makes it easy to scroll through the dump and even save it to file at any time if you wish to analyze it further outside of Amnesia.

imports

Using the disassembly option you can quickly see if a subject looks packed (or check the metadata section) or standard (look for typical compiler Prolog's etc). I've also added an option in the Exports section to generate Visual Studio #Pragma comments for DLL forwarders. This is useful if you're wanting to overwrite an existing DLL's functionality for only a few functions, and forward the rest to the original, renamed DLL.

disas

I've embedded a short overview video if you'd like to see the functionality before downloading Amnesia.

http://www.youtube.com/watch?v=1Yzj0b3qF4o

Enjoy ;)

About

Layer 1 subject analysis system.

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published