Malware Forensics: Investigating and Analyzing Malicious Code
Web Based Tools

November 6, 2009:
FEATURED TOOL: Online TrID File Identifier
Marco Pontello's tool TrID is a utility designed to identify file types from their binary signatures. Marco's website also hosts the Online TrID File Identifier, which lets a user upload a file for identification through this portal.

[Figure: Online TrID File Identifier submission portal]

[Figure: Identification results of a malicious Windows executable file from Online TrID]

July 10, 2009:

FEATURED TOOL: EXE_Dump_Utility
The EXE_Dump_Utility online PE analysis tool allows a user to upload a Windows EXE file or DLL and get a report of all the information included in it. The online tool is based upon Ero Carrera's well-known Python PE file analysis utility, pefile.


July 8, 2009:
FEATURED TOOL: Flash Probe
Flash Probe is a free online tool that can parse Flash files and display the text, images and links found within. The tool will create HTML versions of your Flash websites.

• Accepts uploaded SWF files or downloads them from URL
• Parses text from SWF
• Displays linked files from SWF
• Displays all pictures embedded in SWF file
• Creates an HTML version from the text and links found in your Flash file. This feature is useful for creating a search-engine-friendly version of your website.
• Shows the text that search engines will index from your SWF file.





July 1, 2009:
FEATURED TOOL: RE Portal
RE Portal is a work in progress and under construction. Self-described as "[a] central repository for reverse engineering tools. REportal contains a comprehensive set of reverse engineering tools to profile and data mine source code and software systems," the portal currently only supports Java source code.