ics-iot-bootcamp / cerberus_research

Licence: Apache-2.0 license
Research tools for analysing Cerberus banking trojan.

Programming Languages: JavaScript, PHP, Java, CSS, HTML, Shell, Python


Cerberus Banking Trojan Research

Related research paper: https://github.com/ics-iot-bootcamp/cerberus_research/blob/master/cerberus_research_paper.pdf

This repository currently has two tools that can be used.

Hercules: Hercules automatically finds the decryption key for the actual DEX of the given Cerberus sample, decrypts it, then decrypts the configuration parameters in the actual payload. All statically, in seconds.

queryCerberus: Partial implementation of the Cerberus banking trojan C2 communication.


cerberus_full_package contains the Cerberus source code that was distributed to premium members of the forum where it originated. Credits: DC8044

Initial analysis shows that the Android V2 in the source package is not the latest version in the wild. It lacks the Android 10 improvements. Our research paper covers the latest version of the malware. According to leftover files, it looks like their development team uses a private GitHub repository.

- The latest version contains the Endless Foreground Service taken from: https://robertohuertas.com/2019/06/29/android_foreground_services/

- Communication parameters of the latest version are abbreviated. In this one they aren't.

Stay Safe & Healthy.

Regards, Cyberwise Research Task Force (Cyberwise - RTF).
