Monkey tricks: Extracting Viruses/Worms

November 16, 2007, 04:04:44 am
Very interesting article(s)...

On a side note, this guy is also responsible for the development
of a very cool network analysis live distro:

Actually, I was googling for info in detecting/extracting binaries,
even semi-corrupted, from pcap captures...
most network data reconstruction tools I've seen
extract html pages, gif/jpg/png and zlib stuff...
don't know of anything towards executables. :(
If anyone is aware of...

Apart from the above articles,
the only somehow related thing I've come across is:
This one though is to be run on live streams,
utilizing unix for portability...don't know...
I doubt it would work correctly under win32,
even say if compiled under cygwin...