About

Who am I?

I am an enthusiastic malware analyst. I love reverse engineering, especially when it comes to analyzing malware. I work as a freelancer in the area of computer security. This website is my effort to contribute, within my possibilities, to the world of computer security.


What will I share here?

Mainly, the content of this website will be focused on malware analysis.

The Main Blog will be updated with analyses of different malware families. Additionally, I share my experimental (and very beta) Sandbox, where automatic malware analysis reports will be shared (PDF reports, malware configs, malware CnCs, URLs, etc.). On GitHub I will share my projects, tools, code snippets, etc. And you can always follow me on Twitter.


About the SandBox

Some time ago, I started to code a set of scripts and tools to automate some daily reverse engineering tasks. I continued extending these tools as I needed to extract additional information from the sample (behavioral information, strings from memory, etc.). It grew, and I decided to put together and sort all of these tools, and this Frankenstein became the Pepper Sandbox.

This sandbox is not based on Cuckoo or any other environment. For better or worse, it was started from zero. I use some well-known tools such as Yara or Volatility. It is mainly coded in Python.

Currently, it is in an absolutely 'beta' stage. I am continuously developing it, implementing new features for the engine, adding new patterns to detect new malware families, and coding scripts to search memory for configs, CnCs, and other interesting information. I enjoy developing it, and I hope you enjoy the malware reports and the shared information.

(Because of the beta stage, the Sandbox website is currently password protected. If you are interested in accessing the sandbox's reports, please ask me on Twitter for a user and password to access it.)

Contact

DM me on Twitter: https://twitter.com/p3pperp0tts

