Main Page
TitanMist project
Security is notoriously disjointed. Every year, multiple tools and projects are released but not maintained. TitanMist is the opposite. Built on top of TitanEngine, it provides automation and manages all known and good PEiD signatures, unpacking scripts and other tools in one unified tool. TitanMist is a nicely packaged, open source catch-all tool that will become your first line of defense. The TitanMist project goes beyond pure tool development - it includes a forum for sharing your information and reverse engineering experience, all built around the biggest online collaborative software packer knowledge base.
With the continuing increase in packed and protected malicious payloads, collaboration and quick response among researchers are critical. With new sample numbers rapidly approaching 40M samples per year, the solution to this problem has to come from the reverse engineers themselves, integrating their past and current work. Given the scope of the problem, it would be helpful to have huge databases of format identification data and unpacking scripts that can be reused to maximize automation. A common question has been: "Where do we find a comprehensive collection of functional tools, identification signatures and unpacking tools, and how do we integrate them in a meaningful and accurate way?"
TitanMist hopes to answer these questions. The project is designed to replicate the reversing process in a way that allows automation - enabling everyone to easily create unpackers and integrate them in an extensible system. The goal is a powerful and fast-growing community analysis tool. Overcoming the most basic problems of reverse engineering was the top priority for the TitanMist project. Hoping to bridge the programming knowledge barrier, which troubles many reverse engineers, TitanMist allows you to write unpackers in a variety of programming languages.
TitanMist does not limit you to languages that compile to native code, but allows you to use popular and easy-to-learn script languages. Backed by Lua and Python, this project makes coding unpackers a much simpler task. However, the challenge of making TitanMist as easy to adopt and extend as possible meant that we had to go further than simply providing support for multiple programming languages. Knowing that most reverse engineers are familiar with the debugger-level script language OllyScript, we added support for it as well. Combined with the full TitanEngine functionality, these scripts become powerful automated unpackers. When combined with layer-of-file format identification, they create a unique database of file analysis tools.
