Joebox
Analyse your Malware on Windows simply and quickly
You can license the following Joebox tools for a monthly fee (currency: euro):
Joeboxcontrol and Joeboxdriver
- Captures behaviour of processes and drivers
- Extensible configuration for kernelmode EAT and SSDT hooking (no recompilation needed)
- Creates easily parsable CSV files, with comprehensive data (example)
- Possibility to resume an analysis
- Possibility to analyse existing processes
- Protects and hides SSDT hooks
- Detects side channel attacks (for instance thread injections)
- Works on Windows XP SP2 32bit
Joeboxabstract
- Creates comprehensive HTML reports out of CSV files (example)
- Creates abstract XML reports (example)
- Reads and includes PCAP data
- Ability to compute the behaviour difference between two analyses
- Ability to add labeling software (signature scanner)
- Platform independent
Joeboxabstract Sourcecode
- Modular design
- Simply extensible
- Written in Java
Additional Windows XP SP3 and Vista Support
- Lets joeboxdriver capture runtime behaviour on Windows XP SP3 and Vista
Additional Full Usermode Malware Hooking Configuration
- 166 preconfigured functions
- Wide range from file to object functions
Additional Full Kernelmode Rootkit Hooking Configuration
- Preconfigured functions to analyse kernelmode rootkits
Access to malware binaries
- Ongoing access to old and fresh, valuable binaries collected through the online version of Joebox.
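Prices
- Joeboxcontrol and Joeboxdriver: 200.-
- Joeboxabstract: 250.-
- Joeboxabstract Sourcecode: 1000.- (initial, not monthly)
- Additional Windows XP SP3 and Vista Support: 100.- (initial, not monthly)
- Additional Full Usermode Malware Hooking Configuration: 50.- (initial, not monthly)
- Additional Full Kernelmode Rootkit Hooking Configuration: 200.- (initial, not monthly)
- Access to malware binaries: 200.-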