MagicUnprotect is a specialized GPT model with expertise in malware evasion techniques. It covers a broad range of evasion mechanisms, including anti-sandboxing, anti-debugging, process injection, obfuscation, the use of packers, anti-disassembling, anti-forensic, and anti-monitoring, as well as techniques for evading antivirus and Endpoint Detection and Response (EDR) systems, and network evasion.
MagicUnprotect provides insights and information on detecting and analyzing these techniques, along with guidance on YARA, Sigma, and Capa rules. The model can also identify obfuscation algorithms and perform relevant decoding processes. It is based on the knowledge base available in the Unprotect Project.
DLest is a Microsoft Windows application that helps developers and malware analysts analyze and manipulate exported functions in Portable Executable (PE) files, especially DLLs. It allows you to enumerate exported functions using various methods and supports the analysis of memory-loaded modules in real time. It also has the ability to dump a reconstructed version of any module for further analysis. DLest is fully multithreaded and efficient for processing large numbers of PE files. It is useful for developers and malware analysts and streamlines their tasks.