[
{
"path": "README.md",
"content": "# Cybertechniques site pages\n\n## See www.cybertechniques.net for more information\n\n"
},
{
"path": "analysis_tools/bindiff/index.md",
"content": "---\nlayout: default\ntitle: bindiff\npermalink: /analysis_tools/bindiff/\ntags:\n- cybertechniques\n- cyber\n- bindiff\n---\n\nbindiff\n=======\n\nHome Page\n---------\n[bindiff](http://www.zynamics.com/bindiff.html)\n\nDescription\n-----------\nBinDiff is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code.\n\nWith BinDiff you can identify and isolate fixes for vulnerabilities in vendor-supplied patches. You can also port symbols and comments between disassemblies of multiple versions of the same binary or use BinDiff to gather evidence for code theft or patent infringement.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://www.zynamics.com/software.html)\n"
},
{
"path": "analysis_tools/binvis/index.md",
"content": "---\nlayout: default\ntitle: binvis\npermalink: /analysis_tools/binvis/\ntags:\n- cybertechniques\n- cyber\n- replace-me-tool-name\n---\n\nbinvis\n====================\nSee [scurve](scurve/) also\n\nHome Page\n---------\nhttp://binvis.io/\n\nDescription\n-----------\nWeb based binary analyzer\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[binvis](https://github.com/cortesi/scurve/blob/master/binvis)\n"
},
{
"path": "analysis_tools/binviz/index.md",
"content": "---\nlayout: default\ntitle: replace-me-tool-name\npermalink: /analysis_tools/binviz/\ntags:\n- cybertechniques\n- cyber\n- binviz\n---\n\nbinviz\n====================\n\nHome Page\n---------\nNo home page\n\nDescription\n-----------\nNote that binviz is a research prototype\n\nbinviz was written in Visual C# (VS2005 or maybe VS2008). The .zip is the project (source) file so it should load into visual studio and run. There is also a compiled .exe in... /binviz_0.44bw/binviz_0.01/bin/Debug/. You should just be able to double click it and run on a Windows machine. I developed it under XP, but have since used it under Windows 7 and it worked more or less the same. (mouseover event behavior is a little different, but still usable).\n\nUseful Papers\n-------------\nhttp://www.rumint.org/gregconti/publications/taxonomy-bh.pdf\n\nhttp://www.rumint.org/gregconti/publications/2008_VizSEC_FileVisualization_v53_final.pdf\n\nhttp://www.rumint.org/gregconti/publications/200808_binviz38_dc_final.ppt\n\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[binviz](http://www.rumint.org/gregconti/publications/binviz_0.zip)\n"
},
{
"path": "analysis_tools/binwalk/index.md",
"content": "---\nlayout: default\ntitle: binwalk\npermalink: /analysis_tools/binwalk/\ntags:\n- cybertechniques\n- cyber\n- binwalk\n---\n\nbindiff\n=======\n\nHome Page\n---------\nhttp://binwalk.org/\n\nDescription\n-----------\nBinwalk is a firmware analysis tool designed for analyzing, reverse engineering and extracting data contained in firmware images.\n\nBinwalk can:\n* Find and extract interesting files / data from binary images\n* Find and extract raw compression streams\n* Identify opcodes for a variety of architectures\n* Perform data entropy analysis\n* Diff an arbitrary number of files\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[https://github.com/devttys0/binwalk/releases/latest](https://github.com/devttys0/binwalk/releases/latest)\n\nInstallation\n------------\nSee the [installation documentation](https://raw.githubusercontent.com/devttys0/binwalk/master/INSTALL.md)\n\n```bash\n$ sudo ./deps.sh\n```\n\n```bash\n# Python2.7\n$ sudo python setup.py install\n```\n"
},
{
"path": "analysis_tools/cff-explorer/index.md",
"content": "---\nlayout: default\ntitle: CFF Explorer\npermalink: /analysis_tools/cff-explorer/\ntags:\n- cybertechniques\n- cyber\n- cffexplorer\n---\n\nCFF Explorer\n============\n\nHome Page\n---------\n[CFF Explorer](http://www.ntcore.com/exsuite.php)\n\nDescription\n-----------\nA freeware suite of tools including a PE editor called CFF Explorer and a process viewer.\n\nFeatures:\n* Full support for PE32/64\n* Special fields description and modification (.NET supported)\n* utilities\n* rebuilder\n* hex editor\n* import adder\n* signature scanner\n* signature manager\n* extension support\n* scripting\n* disassembler\n* dependency walker etc.\n\nFirst PE editor with support for .NET internal structures.\nResource Editor (Windows Vista icons supported) capable of handling .NET manifest resources.\n\nScreenshots\n-----------\n{: .imagefull}\n\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://www.ntcore.com/files/ExplorerSuite.exe)\n"
},
{
"path": "analysis_tools/exeinfo/index.md",
"content": "---\nlayout: default\ntitle: EXEinfo\npermalink: /analysis_tools/exeinfo/\ntags:\n- cybertechniques\n- cyber\n- exeinfo\n---\n\n\nEXEinfo\n=======\n\nHome Page\n---------\n[EXEinfo](https://sourceforge.net/projects/exeinfope/)\n\nDescription\n-----------\nExEinfo PE Win32 bit identifier by A.S.L. - exe pe checker for packers, exeprotectors, packer detector with solve hint for unpack .\nInternal zip ripper exe pe ripper ...\nVBasicfake sign added.\nMD5 and SHA1 file calculator.\n.NET detector , analyze executable.\nNon executable file detection.\nDetect Internet behavior for updaters and PUA downloaders.\nSmall script Engine for Patch create.\nTruncate file tool and adding overlay to file empty or from file.\n.NET PE save streams to disk.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://downloads.sourceforge.net/project/exeinfope/exeinfope.zip)\n"
},
{
"path": "analysis_tools/filealyzer/index.md",
"content": "---\nlayout: default\ntitle: FileAlyzer\npermalink: /analysis_tools/filealyzer/\ntags:\n- cybertechniques\n- cyber\n- filealyzer\n---\n\nFileAlyzer\n==========\n\nHome Page\n---------\n[FileAlyzer](https://www.safer-networking.org/products/filealyzer/)\n\nDescription\n-----------\nFileAlyzer is a tool to analyze files – the name itself was initially just a typo of FileAnalyzer, but after a few days I decided to keep it. FileAlyzer allows a basic analysis of files (showing file properties and file contents in hex dump form) and is able to interpret common file contents like resources structures (like text, graphics, HTML, media and PE).\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://www.spybotupdates.com/files/filealyz-2.0.5.57.exe#hash%28md5:D670C0B28E93941AD2FFB774DB271486%29)\n"
},
{
"path": "analysis_tools/ida/index.md",
"content": "---\nlayout: default\ntitle: IDA\npermalink: /analysis_tools/ida/\ntags:\n- cybertechniques\n- cyber\n- ida\n---\n\nIDA\n===\n\nHome Page\n---------\n[IDA](https://www.hex-rays.com/products/ida/)\n\nDescription\n-----------\nIDA combines an interactive, programmable, multi-processor\ndisassembler coupled to a local and remote debugger and augmented by a complete plugin\nprogramming environment\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](https://out7.hex-rays.com/files/idafree50.exe)\n"
},
{
"path": "analysis_tools/index.md",
"content": "---\nlayout: default\ntitle: Analysis Tools\npermalink: /analysis_tools/\ntags:\n- cybertechniques\n- cyber\n- analysis tools\n---\n\nAnalysis Tools\n==============\n* [BinDiff](bindiff/)\n* [Binwalk](binwalk/)\n* [CFF Explorer](cff-explorer/)\n* [exeinfo](exeinfo/)\n* [filealyzer](filealyzer/)\n* [IDA](ida/)\n* [nwdiff](nwdiff/)\n* [OllyDBG](ollydbg/)\n* [pestudio](pestudio/)\n* [peview](peview/)\n* [Process Monitor](process-monitor/)\n* [scurve](scurve/)\n* [VizBin](vizbin/)\n\n\nPage Template\n-------------\n```\n---\nlayout: default\ntitle: replace-me-tool-name\npermalink: /analysis_tools/replace-me-tool-name/\ntags:\n- cybertechniques\n- cyber\n- replace-me-tool-name\n---\n\nreplace-me-tool-name\n====================\n\nHome Page\n---------\nhttp://replace-me-tool-website/\n\nDescription\n-----------\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[replace-me-tool-download-link](#)\n\nInstallation\n------------\n\\`\\`\\`\nspecial install instructions not mentioned on the tools website\n\\`\\`\\`\n```\n"
},
{
"path": "analysis_tools/nwdiff/index.md",
"content": "---\nlayout: default\ntitle: nwdiff\npermalink: /analysis_tools/nwdiff/\ntags:\n- cybertechniques\n- cyber\n- nwdiff\n---\n\n\n\nnwdiff\n======\n\nHome Page\n---------\n[nwdiff](http://www.geocities.jp/belden_dr/ToolNwdiff_Eng.html)\n\nDescription\n-----------\nBinary comparison tool\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://www.geocities.jp/belden_dr/Nwdiff.lzh)\n"
},
{
"path": "analysis_tools/ollydbg/index.md",
"content": "---\nlayout: default\ntitle: ollydbg\npermalink: /analysis_tools/ollydbg/\ntags:\n- cybertechniques\n- cyber\n- ollydbg\n---\n\nollydbg\n=======\n\nHome Page\n---------\n[ollydbg](http://www.ollydbg.de/)\n\nDescription\n-----------\nHighlights:\n* Intuitive user interface, no cryptical commands\n* Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings\n* Directly loads and debugs DLLs\n* Object file scanning - locates routines from object files and libraries\n* Allows for user-defined labels, comments and function descriptions\n* Understands debugging information in Borland® format\n* Saves patches between sessions, writes them back to executable file and updates fixups\n* Open architecture - many third-party plugins are available\n* No installation - no trash in registry or system directories\n* Debugs multithread applications\n* Attaches to running programs\n* Configurable disassembler, supports both MASM and IDEAL formats\n* MMX, 3DNow! and SSE data types and instructions, including Athlon extensions\n* Full UNICODE support\n* Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!\n* Recognizes complex code constructs, like call to jump to procedure\n* Decodes calls to more than 1900 standard API and 400 C functions\n* Gives context-sensitive help on API functions from external help file\n* Sets conditional, logging, memory and hardware breakpoints\n* Traces program execution, logs arguments of known functions\n* Shows fixups\n* Dynamically traces stack frames\n* Searches for imprecise commands and masked binary sequences\n* Searches whole allocated memory\n* Finds references to constant or address range\n* Examines and modifies memory, sets breakpoints and pauses program on-the-fly\n* Assembles commands into the shortest binary form\n* Starts from the floppy disk\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://www.ollydbg.de/odbg110.zip)\n"
},
{
"path": "analysis_tools/pestudio/index.md",
"content": "---\nlayout: default\ntitle: pestudio\npermalink: /analysis_tools/pestudio/\ntags:\n- cybertechniques\n- cyber\n- pestudio\n---\n\npestudio\n========\n\nHome Page\n---------\n[pestudio](https://www.winitor.com/)\n\nDescription\n-----------\npestudio is a tool that is used in many Cyber Emergency Response Teams (CERT) worldwide in order to perform malware initial assessment.\n\nMalicious software often attempts to hide its intents in order to evade early detection and static analysis. In doing so, it often leaves suspicious patterns, unexpected metadata, and sometimes even anomalies.\n\nThe goal of pestudio is to spot these artifacts in order to ease and accelerate the Malware Initial Assessment. The tool uses a powerful parser and a flexible set of configuration files that are used to provide many of indicators and determine thresholds. Since the file being analyzed is never started, you can inspect any unknown or malicious executable file and even ransomware without a risk of infection.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](https://www.winitor.com/tools/pestudio851.zip)\n"
},
{
"path": "analysis_tools/peview/index.md",
"content": "---\nlayout: default\ntitle: peview\npermalink: /analysis_tools/peview/\ntags:\n- cybertechniques\n- cyber\n- peview\n---\n\nPEView\n======\n\nHome Page\n---------\n[pestudio](http://wjradburn.com/software/)\n\nDescription\n-----------\nPEview provides a quick and easy way to view the structure and content of 32-bit Portable Executable (PE) and Component Object File Format (COFF) files. This PE/COFF file viewer displays header, section, directory, import table, export table, and resource information within EXE, DLL, OBJ, LIB, DBG, and other file types.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](http://wjradburn.com/software/PEview.zip)\n"
},
{
"path": "analysis_tools/process-monitor/index.md",
"content": "---\nlayout: default\ntitle: Process Monitor\npermalink: /analysis_tools/process-monitor/\ntags:\n- cybertechniques\n- cyber\n- process monitor\n---\n\n\nProcess Monitor\n===============\n\nHome Page\n---------\n[Process Monitor](https://technet.microsoft.com/en-us/sysinternals/bb896645)\n\nDescription\n-----------\nProcess Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](https://download.sysinternals.com/files/ProcessMonitor.zip)\n"
},
{
"path": "analysis_tools/scurve/index.md",
"content": "---\nlayout: default\ntitle: scurve\npermalink: /analysis_tools/scurve/\ntags:\n- cybertechniques\n- cyber\n- scurve\n---\n\nscurve\n======\n\nHome Page\n---------\n[bindiff](https://github.com/cortesi/scurve)\n\nDescription\n-----------\nWhat scurve consists of:\n* binvis: Visualize binaries using space-filling curves.\n* colorswatch: Creates a swatch with a visual breakdown of the colours contained in a specified image.\n* cube: Outputs a POV-Ray definition file for drawing 3-dimensional curves.\n* drawcurve: Generates two dimensional lines-and-vertexes drawings of space-filling curves.\n* gray: Prints a bit representation of the Gray codes of a specified bit width.\n* testpattern: Projects a 3-dimensional traversal of the RGB colour cube onto a specified two-dimensional curve.\n\nScreenshots\n-----------\n{: .imagefull}\n\nDownload Link\n-------------\n[Download](https://github.com/cortesi/scurve)\n"
},
{
"path": "analysis_tools/vizbin/index.md",
"content": "---\nlayout: default\ntitle: VizBin\npermalink: /analysis_tools/vizbin/\ntags:\n- cybertechniques\n- cyber\n- vizbin\n---\n\nVizBin\n======\n\nHome Page\n---------\n[VizBin](http://claczny.github.io/VizBin/)\n\nDescription\n-----------\nThe gist of the concept is that VizBin uses the state-of-the-art nonlinear dimension reduction algorithm BH-SNE and appropriate data transformation to visualize (assembled) metagenomic data-inherent clusters.\n\nScreenshots\n-----------\n\n{: .imagefull}\n\nDownload Link\n-------------\n[VizBin](https://github.com/claczny/VizBin/blob/master/VizBin-dist.jar?raw=true)\n"
},
{
"path": "assembly/index.md",
"content": "---\nlayout: default\ntitle: assembly\npermalink: /assembly/\ntags:\n- assembly\n- cybertechniques\n---\n\nAssembly\n========\nWelcome to the assembly page\n\nThe page you are looking for will be at one of the following links:\n\n* [Windows x86](windows/x86/)\n* [Windows x64](windows/x64/)\n* [Linux x32](linux/x86/)\n* [Linux x64](linux/x64/)\n"
},
{
"path": "assembly/linux/index.md",
"content": "---\nlayout: default\ntitle: linux assembly\npermalink: /assembly/linux/\ntags:\n- assembly\n- linux\n---\n\nAssembly - Linux\n================\n\n* [x86](/assembly/linux/x86/)\n* [x64](/assembly/linux/x64/)\n"
},
{
"path": "assembly/linux/x64/index.md",
"content": "---\nlayout: default\ntitle: 64-bit linux assembly\npermalink: /assembly/linux/x64/\ntags:\n- assembly\n- linux\n- 64 bit\n---\n\nAssembly - Linux - 64 bit\n=========================\n"
},
{
"path": "assembly/linux/x86/index.md",
"content": "---\nlayout: default\ntitle: 32-bit linux assembly\npermalink: /assembly/linux/x86/\ntags:\n- assembly\n- linux\n- 32-bit\n---\n\nAssembly - Linux - 32 bit\n=========================\n"
},
{
"path": "assembly/windows/index.md",
"content": "---\nlayout: default\ntitle: Windows Assembly\npermalink: /assembly/windows/\ntags:\n- assembly\n- windows\n---\n\nAssembly - Windows\n================\n\n* [x86](/assembly/windows/x86/)\n* [x64](/assembly/windows/x64/)\n"
},
{
"path": "assembly/windows/x64/index.md",
"content": "---\nlayout: default\ntitle: 64-bit windows assembly\npermalink: /assembly/windows/x64/\ntags:\n- assembly\n- windows\n- 64-bit\n---\n\nAssembly - Windows - 64 bit\n===========================\n"
},
{
"path": "assembly/windows/x86/index.md",
"content": "---\nlayout: default\ntitle: 32-bit windows assembly\npermalink: /assembly/windows/x86/\ntags:\n- assembly\n- windows\n- 32-bit\n---\n\nAssembly - Windows - 32 bit\n===========================\n"
},
{
"path": "binary-analysis/binary-visualization/binvis/index.md",
"content": "---\nlayout: default\ntitle: binvis Tutorial\npermalink: /binary-analysis/binary-visualization/binvis/\ntags:\n- cybertechniques\n- cyber\n- binvis tutorial\n---\n\nbinvis Tutorial\n===============\n\nbinvis options\n--------------\n\n* {: .imagefull}\n\nStep 1\n------\n\n### We start the tutorial by downloading putty\n\n* [putty download](https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe)\n\nStep 2\n------\n\n### Then use upx to pack the putty executable\n\n* {: .imagefull}\n\nStep 3\n------\n\n### Use binvis on the unpacked putty executable\n\n* {: .imagefull}\n\nStep 4\n------\n\n### Run binvis using the packed putty executable\n\nResults\n-------\n\n### For the packed putty you should see a result like the following:\n\n* {: .imagefull}\n\n### For the unpacked putty you should see a result like the following:\n\n* {: .imagefull}\n\n### It is easy to see how there are differences in the visualizations shown between the packed and unpacked putty executables.\n\n"
},
{
"path": "binary-analysis/binary-visualization/binviz/index.md",
"content": "---\nlayout: default\ntitle: binviz Tutorial\npermalink: /binary-analysis/binary-visualization/binviz/\ntags:\n- cybertechniques\n- cyber\n- binviz tutorial\n---\n\nbinviz Tutorial\n===============\n\nStep 1\n------\n\n### We start the tutorial by downloading putty\n\n* [putty download](https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe)\n\nStep 2\n------\n\n### Then use upx to pack the putty executable\n\n* {: .imagefull}\n\nStep 3\n------\n\n### Open the unpacked putty executable using the binviz program
\n### The binviz program has very basic menu options. You can click in the menu to get different windows to be shown or hidden.
\n### An example of the unpacked putty is shown below:\n\n{: .imagefull}\n\n### Below is an example of the packed putty\n\n{: .imagefull}\n\nResults\n-------\n\n### You can see how there are differences in the visualizations shown between the packed and unpacked putty executables.\n"
},
{
"path": "binary-analysis/binary-visualization/binwalk/index.md",
"content": "---\nlayout: default\ntitle: binwalk tutorial\npermalink: /binary-analysis/binary-visualization/binwalk/\ntags:\n- cybertechniques\n- cyber\n- binwalk tutorial\n---\n\nbinwalk Tutorial\n===============\n\nStep 1\n------\n\n### We start the tutorial by downloading putty\n\n* [putty download](https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe)\n\nStep 2\n------\n\n### Then use upx to pack the putty executable\n\n* {: .imagefull}\n\nStep 3\n------\n\n### Use binwalk to see the contents of the unpacked putty executable\n\n{: .imagefull}\n\n### Use binwalk to see the contents of the packed putty executable\n\n{: .imagefull}\n\nResults\n-------\n\n### It is easy to see how just the packing of the executable alters what contents the program is able to easy extract from the executable
\n### Below you can see the graphical results of the unpacked putty executable:\n\n{: .imagefull}\n\n### Below you can see the graphical results of the packed putty executable:\n\n{: .imagefull}\n"
},
{
"path": "binary-analysis/binary-visualization/index.md",
"content": "---\nlayout: default\ntitle: Binary Visualization\npermalink: /binary-analysis/binary-visualization/\ntags:\n- cybertechniques\n- binary analysis\n- binary visualization\n---\n\nBinary Visualization\n====================\nYou can find out more information about the following tools by clicking [here](http://www.cybertechniques.net/analysis_tools/)\n\n### Tool Usage Tutorials\n* [binvis](binvis/)\n* [binviz](binviz/)\n* [binwalk](binwalk/)\n* [vizbin](vizbin/)\n\n"
},
{
"path": "binary-analysis/binary-visualization/vizbin/index.md",
"content": "---\nlayout: default\ntitle: VizBin Tutorial\npermalink: /binary-analysis/binary-visualization/vizbin/\ntags:\n- cybertechniques\n- cyber\n- vizbin tutorial\n---\n\nVizBin Tutorial\n===============\n\nBasic tutorial\n--------------\n\n| Description | Picture |\n|--------------------------- | --------------------------|\n| To run VizBin double click the VizBin-dist.jar icon|{: .imagefull}|\n| Upon your first run, VizBin will initialize the settings only once. This window will not appear in future executions of VizBin. | {: .imagefull} |\n| This is how the main window looks like. | {: .imagefull} |\n| To specify the input sequences in fasta format, click on the \"Choose\" button | {: .imagefull} |\n| Navigate to the directory containing your input sequences in fasta format. Here, we have them in `Desktop/Data/` | {: .imagefull} {: .imagefull} |\n| Choose your file of interest, here `EssentialGenes.fa` | {: .imagefull} |\n| The path to your file of interest should now appear in the \"File to visualize\" box. | {: .imagefull} |\n| To start, simply click on the \"Start\" button. | {: .imagefull} |\n| Upon successful termination, a scatterplot will appear in which you will be able to select your clusters of interest. Please also have a look at the general note below. | {: .imagefull} |\n| Now you can choose your group of points for which you want the corresponding sequences to be exported to a seperate fasta file. Simply use the left mouse-click to create a polygonal selection. All sequences corresponding to the points inside of this polygon will be exported. | {: .imagefull}{: .imagefull}{: .imagefull}{: .imagefull}|\n| Clicking the right mouse button (anywhere within the visualization) will open a menu where you can choose to export your selection. A confirmation window will apear. | {: .imagefull} |\n| Press \"yes\" to continue exporting. Press \"No\" if you want to continue with your selection. Press \"Cancel\" if you want to start with a fresh polygonal selection without saving the current selection. | {: .imagefull} |\n| Finally, choose the destination for your to-be-exported sequences and give the file a name, here `EssentialGenes_Polygon01.fa`. | {: .imagefull} |\n\n#### A general note\n\nWe tried hard such that VizBin would produce identical between different platforms. However, due to various reasons (e.g., different optimizations done by the different (cross-)compilers, different numerical precision) the resulting 2D scatterplots might look slightly different but should be comparable qualitatively. In other words, it can happen that running VizBin on a Linux-machine or on a Windows-machine with the _same_ input fasta file will give you slightly different visualizations. However, the difference should be only in the relative position but not overall shape of the individual clusters. Hence, a particular cluster might not be at the same position on both machines but the clusters should be readily separated from other clusters and thus should be intuitively selectable with the polygon.\n\n### Advanced options\nHere we explain what the additional options (hidden by default) allow you to do. After clicking on \"Show additional options\", you will see different fields which can be modified:\n\n{: .imagefull}\n\n| Option name | Explanation |\n|-----------------|-----------------|\n| Point file (optional) | After computation of the 2D coordinates, this data is available in the `points.txt` file in the temporary directory (see your log-file). Specifying this file here makes VizBin create a visualization based on this previously computed data. A basic check is integrated to verify if the number of sequences specified in the \"File to visualise\" matches the number of points in `points.txt`. However, it is up to you to make sure you are indeed using the same sequences that were used in the initial creation of the chosen `points.txt` file. A future version of VizBin will integrate a convenient way of saving a session including the sequences, computed 2D coordinates etc. |\n| Annotation file (optional) | This file allows you to provide additional information that will the be displayed by size, color, and/or opaqueness of individual points. The format of the file is CSV, i.e., the columns must be separated by a comma. The first line of the file must contain information on what information you provide in which column and only the following types are currently supported and have to be specified exactly as listed: `label`, `length`, `isMarker`, `coverage`, and `gc`. You may provide them in any order, e.g., `coverage,length,label,isMarker`, however, `coverage` and `gc` are mutually **exclusive**. Besides this header line, the following lines must match the order of the contigs in the fasta file and contain the information per column corresponding to the type of that column in the header. Accordingly, the first anntation line corresponds to the first sequence, the second annotation line to the second sequence and so on. You can find an example annotation file in [example dataset AMFJ01](http://claczny.github.io/VizBin/data/AMFJ01.zip).|\n| Kmer length | This specifies the length of the _k_ mer that is used to compute the genomic signature. We found _k_ = 5 to work best. This value can be decreased or increased but bare in mind that the number of possible _k_ mers grows exponentially: 4^5 for _k_ = 4, 4^6 for _k_ = 6 etc. We have **not** yet tested the behavior of the application for larger _k_ than 5. |\n| Merge rev compl | This \"collapses\" _k_-mers and their reverse complements to mitigate strand bias. |\n| PCA columns | This represents the number of dimensions (principal components) that are kept when running the initial PCA. The default of 50 is suggested by the original [BH-SNE publication](http://homepage.tudelft.nl/19j49/t-SNE.html). |\n| Theta | More details on different values of \"Theta\" can be found in the original [BH-SNE publication](http://homepage.tudelft.nl/19j49/t-SNE.html).|\n| Perplexity | More details on different values of \"Perplexity\" can be found in the original [BH-SNE publication](http://homepage.tudelft.nl/19j49/t-SNE.html). As a general note, should you have a small number of sequences, e.g., below 100, then you should decrease the perplexity value. Think of it as the expected number of neighbors. This might help you to choose a reasonable smaller value. Start maybe by decreasing it slowly from the default value. Since you have few sequences, the computation should be fast. |\n| Seed | BH-SNE is solving a non-convex optimization problem. Thus, the solver can end up in a local optimum which must not necessarily be a global optimum. Setting this value to something different than the default of \"0\" allows you to see if a different initialization leads to a markedly improved result. We found that the results are generally robust with respect to different initializations. Please note that the 2D scatterplots will be different in shape but should be qualitatively comparable. Make sure to remember this value and adust it if you want to reproduce results obtained on the same machine.|\n| PCA library | We integrated two libraries for computing the PCA. The default `Mtj` is more efficient, in particular on large datasets This is, among others, due to some optimization we integrated. It should work on all platforms. For legacy reasons, we also provide the PCA version of `EJML`.|\n| Take logarithm of coverage & length? | This option allows you to transform your coverage & length values using the natural logarithm (i.e., at the base `e`. This is enabled by default but should you provide your own transformation of the coverage & length values, simply set it to `No`and VizBin will use the values you specified without any transformation. This option is only effective if you provide an annotation file containing this information, s.a. `Annotation file` above. |\n"
},
{
"path": "binary-analysis/index.md",
"content": "---\nlayout: default\ntitle: Binary Analysis\npermalink: /binary-analysis/\ntags:\n- cybertechniques\n- binary analysis\n---\n\nBinary Analysis\n===============\n\nBinary Visualization\n------------------------\n[Binary Visualization](binary-visualization)\n\n"
},
{
"path": "contact-us.md",
"content": "---\nlayout: default\ntitle: Contact Us\npermalink: /contact-us/\ntags:\n- cybertechniques\n- cyber\n- contact\n---\n\n# Contact Us\n\n## If you would like to contact us, please send an email to: contact@cybertechniques.net\n"
},
{
"path": "history/groups/29A.md",
"content": "---\nlayout: default\ntitle: 29A\npermalink: /history/groups/29A/\ntags:\n- cyber\n---\n\n29A\n===\n\nOrigin\n------\nSpain\n\nDescription\n-----------\nA group that emerged at the end of 1996. Although they were relative newcomers then they now are a dominant group with a lot of viral talent. Well known individuals have joined the group to create viruses from all types. Their four zines contain many viruses and several tutorials. Generally it is very quiet around the group and most activities are seen close to the release of one of their well known e-zines. \"29A\" is hexadecimal for the number \"666\".\n\nWebsite\n-------\nhttp://vxheaven.org/links.php?redir=http://vxheaven.org/29a/\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=g000\n"
},
{
"path": "history/groups/3C_Group_Cyber_Criminals_Clan.md",
"content": "---\nlayout: default\ntitle: 3C Group (Cyber Criminals Clan)\npermalink: /history/groups/3C_Group_Cyber_Criminals_Clan/\ntags:\n- cyber\n---\n\n3C Group (Cyber Criminals Clan)\n===============================\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nA group that emerged early 1999. Members are new to the scene and produce viruses with an emphasis on macro viruses. The group also explores the hacking scene. The group was renamed to ZeroGravity early 2000.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=g001\n"
},
{
"path": "history/groups/ANVX.md",
"content": "---\nlayout: default\ntitle: ANVX\npermalink: /history/groups/ANVX/\ntags:\n- cyber\n---\n\nANVX\n====\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nKnown members: Industry, Retro, DiA, Xyver, s4rin\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga09\n"
},
{
"path": "history/groups/ARCV_Association_of_Really_Cruel_Viruses.md",
"content": "---\nlayout: default\ntitle: ARCV (Association of Really Cruel Viruses)\npermalink: /history/groups/ARCV_Association_of_Really_Cruel_Viruses/\ntags:\n- cyber\n---\n\nARCV (Association of Really Cruel Viruses)\n==========================================\n\nOrigin\n------\nUnited Kingdom\n\nDescription\n-----------\nVirus authoring group responsible for around 50 viruses. Arrests were made in February 1993.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga03\n"
},
{
"path": "history/groups/ASM_Association_of_Satanic_Maniacs.md",
"content": "---\nlayout: default\ntitle: ASM (Association of Satanic Maniacs)\npermalink: /history/groups/ASM_Association_of_Satanic_Maniacs/\ntags:\n- cyber\n---\n\nASM (Association of Satanic Maniacs)\n====================================\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nVirus oriented group that emerged at the end of 1998. Outside the computer virus scene they are also active in the cracking scene.\n\nMagaizine\n---------\n[DIE Magazine](http://vxheaven.org/vx.php?id=zd03)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga05\n"
},
{
"path": "history/groups/AVCR_Amateur_Virus_Creation_Research_Group.md",
"content": "---\nlayout: default\ntitle: AVCR (Amateur Virus Creation & Research Group)\npermalink: /history/groups/AVCR_Amateur_Virus_Creation_Research_Group/\ntags:\n- cyber\n---\n\nAVCR (Amateur Virus Creation & Research Group)\n==============================================\n\nOrigin\n------\nUnited States\n\nDescription\n-----------\nA short lived virus \"research\" group that recently emerged and disappeared in the USA.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga07\n"
},
{
"path": "history/groups/AVM_Alternative_Virus_Mafia.md",
"content": "---\nlayout: default\ntitle: AVM (Alternative Virus Mafia)\npermalink: /history/groups/AVM_Alternative_Virus_Mafia/\ntags:\n- cyber\n---\n\nAVM (Alternative Virus Mafia)\n=============================\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nVirus authoring group that emerged at the end of 1998. Information is limited. The group sporadically released material but was not too active in showing a group identity. After the Melissa virus chaos no more was heard from the group.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga08\n"
},
{
"path": "history/groups/A_N_O_I_A_New_Order_of_Intelligence.md",
"content": "---\nlayout: default\ntitle: A.N.O.I. (A New Order of Intelligence)\npermalink: /history/groups/A_N_O_I_A_New_Order_of_Intelligence/\ntags:\n- cyber\n---\n\nA.N.O.I. (A New Order of Intelligence)\n======================================\n\nOrigin\n------\nSweden\n\nDescription\n-----------\nVirus authoring group responsible for around 15+ viruses. Formerly known as BetaBoys and F.P.C.P. (Funky Pack of CyberPunks).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga02\n"
},
{
"path": "history/groups/Alliance.md",
"content": "---\nlayout: default\ntitle: Alliance\npermalink: /history/groups/Alliance/\ntags:\n- cyber\n---\n\nAlliance\n========\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nA 1996 addition to the virus scene this group is mainly Internet (Web) based. Their members list is long and in a constant state of flux, people seem to come and go around the clock. Among these mainly HPA oriented members only a limited few meddle with viruses. The group is inactive or has been disbanded.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga01\n"
},
{
"path": "history/groups/Anarkick_Systems.md",
"content": "---\nlayout: default\ntitle: Anarkick Systems\npermalink: /history/groups/Anarkick_Systems/\ntags:\n- cyber\n---\n\nAnarkick Systems\n================\n\nOrigin\n------\nUnited States\n\nDescription\n-----------\nVirus authoring group responsible for 15+ viruses.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga04\n"
},
{
"path": "history/groups/Astigmatizm.md",
"content": "---\nlayout: default\ntitle: Astigmatizm\npermalink: /history/groups/Astigmatizm/\ntags:\n- cyber\n---\n\nAstigmatizm\n===========\n\nOrigin\n------\nPhilippines\n\nDescription\n-----------\nA group of computer science (AMAC and Adamson University) students. A few of their limited number of viruses can be found at their site.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga06\n"
},
{
"path": "history/groups/Australian_Institute_of_Hackers.md",
"content": "---\nlayout: default\ntitle: Australian Institute of Hackers\npermalink: /history/groups/Australian_Institute_of_Hackers/\ntags:\n- cyber\n---\n\nAustralian Institute of Hackers\n===============================\n\nOrigin\n------\nAustralia\n\nDescription\n-----------\nDisbanded virus authoring group responsible for, among other things, the Australian Parasite series and several virus tutorials. Dark Fiber for a while ended up with NuKE and continued as a solo / freelance writer.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ga00\n"
},
{
"path": "history/groups/BHA_Badsector_Hacking_Alliance.md",
"content": "---\nlayout: default\ntitle: BHA (Badsector Hacking Alliance)\npermalink: /history/groups/BHA_Badsector_Hacking_Alliance/\ntags:\n- cyber\n---\n\nBHA (Badsector Hacking Alliance)\n================================\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nA hacking group that also has an interest in computer viruses. Apparently changed their name to Badsector Networx early 2000.\n\nMagazine\n--------\n[Bad Byte](http://vxheaven.org/vx.php?id=zb00)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gb00\n"
},
{
"path": "history/groups/Brigada_Ocho.md",
"content": "---\nlayout: default\ntitle: Brigada Ocho\npermalink: /history/groups/Brigada_Ocho/\ntags:\n- cyber\n---\n\nBrigada Ocho\n============\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nKnown members past and present: alcopaul, arkhangel, energy, secuxp\n\nMagazine\n--------\n[Brigada Ocho](http://vxheaven.org/vx.php?id=zb02)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gb02\n"
},
{
"path": "history/groups/BzZ.md",
"content": "---\nlayout: default\ntitle: BzZ\npermalink: /history/groups/BzZ/\ntags:\n- cyber\n---\n\nBzZ\n===\n\nOrigin\n------\nRussian Federation\n\nDescription\n-----------\nNot much is known about this virus oriented hacking group. They have produced a virus creation kit (VML)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gb01\n"
},
{
"path": "history/groups/CVC_Corean_Virus_Club_new.md",
"content": "---\nlayout: default\ntitle: CVC (Corean Virus Club, new)\npermalink: /history/groups/CVC_Corean_Virus_Club_new/\ntags:\n- cyber\n---\n\nCVC (Corean Virus Club, new)\n============================\n\nOrigin\n------\nRepublic Of Korea\n\nDescription\n-----------\nGroup that was created from the remnants of the CVC [Corean Virus Club, old](http://vxheaven.org/vx.php?id=gc03), SVS [Seoul Virus Society](http://vxheaven.org/vx.php?id=gs12) and the recent CVL [Corean Virus Laboratory](http://vxheaven.org/vx.php?id=gc04).\n\nMagazine\n--------\n[CVC/CVL](http://vxheaven.org/vx.php?id=zc07)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gc02\n"
},
{
"path": "history/groups/CVC_Corean_Virus_Club_old.md",
"content": "---\nlayout: default\ntitle: CVC (Corean Virus Club, old)\npermalink: /history/groups/CVC_Corean_Virus_Club_old/\ntags:\n- cyber\n---\n\nCVC (Corean Virus Club, old)\n============================\n\nOrigin\n------\nRepublic Of Korea\n\nDescription\n-----------\nGroup responsible for a large number of the known Korean viruses. In the beginning of 1998 several members of CVC were arrested by Korean police and the group split up. A new group called CVL emerged after the arrests to continue the work of CVC. Still later members of the old CVC, SVS [Seoul Virus Society](http://vxheaven.org/vx.php?id=gs12) and CVL [Corean Virus Laboratory](http://vxheaven.org/vx.php?id=gc04) started the CVC [Corean Virus Club, new](http://vxheaven.org/vx.php?id=gc02).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gc03\n"
},
{
"path": "history/groups/CVL_Corean_Virus_Laboratory.md",
"content": "---\nlayout: default\ntitle: CVL (Corean Virus Laboratory)\npermalink: /history/groups/CVL_Corean_Virus_Laboratory/\ntags:\n- cyber\n---\n\nCVL (Corean Virus Laboratory)\n=============================\n\nOrigin\n------\nRepublic Of Korea\n\nDescription\n-----------\nGroup that emerged from the now disbanded CVC. April 1998 members of the CVC [Corean Virus Club, old](http://vxheaven.org/vx.php?id=gc03), SVS [Seoul Virus Society](http://vxheaven.org/vx.php?id=gs12) and CVL started CVC [Corean Virus Club, new](http://vxheaven.org/vx.php?id=gc02).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gc04\n"
},
{
"path": "history/groups/Computa_GangstaZ.md",
"content": "---\nlayout: default\ntitle: Computa GangstaZ\npermalink: /history/groups/Computa_GangstaZ/\ntags:\n- cyber\n---\n\nComputa GangstaZ\n================\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nA new group that emerged at the end of 1996 among several other groups. As their name already implies they are not exclusively virus oriented but play around in other areas of the HPAVC scene too.\n\nMagazine\n--------\n[Da Holocaust Chronical's](http://vxheaven.org/vx.php?id=zd00)\n\nWebsite\n-------\nNone\n\n"
},
{
"path": "history/groups/Cybernetic_Crew.md",
"content": "---\nlayout: default\ntitle: Cybernetic Crew\npermalink: /history/groups/Cybernetic_Crew/\ntags:\n- cyber\n---\n\nCybernetic Crew\n===============\n\nOrigin\n------\nAustria\n\nDescription\n-----------\nA group of some new and some well known virus authors. Their exploits cover computer viruses, hacking, cracking and phreaking. They can be found at their site.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gc05\n"
},
{
"path": "history/groups/DAN_Digital_Anarchy.md",
"content": "---\nlayout: default\ntitle: DAN (Digital Anarchy)\npermalink: /history/groups/DAN_Digital_Anarchy/\ntags:\n- cyber\n---\n\nDAN (Digital Anarchy)\n=====================\n\nOrigin\n------\nArgentina\n\nDescription\n-----------\nVirus authoring group responsible for around 50 viruses.\n\nMagazine\n--------\n[Minotauro Magazine](http://vxheaven.org/vx.php?id=zm02)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd00\n"
},
{
"path": "history/groups/DDT_(Dichlore_Diphenyl_Trichloretane).md",
"content": "---\nlayout: default\ntitle: DDT (Dichlore Diphenyl Trichloretane)\npermalink: /history/groups/DDT_Dichlore_Diphenyl_Trichloretane/\ntags:\n- cyber\n---\n\nDDT (Dichlore Diphenyl Trichloretane)\n=====================================\n\nOrigin\n------\nSpain\n\nDescription\n-----------\nVirus authoring group that, although active since the end of 1997, emerged on the Internet around October 1998. Activity around the group has ceased and none of the many projects under development have materialized. The demise of DDT was explained by Billy Belcebu in issue #4 of the [29a](http://vxheaven.org/vx.php?id=z001) virus zine.\n\nMagazine\n--------\n[DDT](http://vxheaven.org/vx.php?id=zd01)\n\nWebsite\n-------\nNone\n"
},
{
"path": "history/groups/DIVA_Digital_Indonesian_Vx_Authors.md",
"content": "---\nlayout: default\ntitle: DIVA (Digital Indonesian Vx Authors)\npermalink: /history/groups/DIVA_Digital_Indonesian_Vx_Authors/\ntags:\n- cyber\n---\n\nDIVA (Digital Indonesian Vx Authors)\n====================================\n\nOrigin\n------\nIndonesia\n\nDescription\n-----------\nThis group from the city of Malang, Indonesia was started as an attempt to start a national computer virus group. The only remaining member is looking for membership of another group which will supposedly lead to the disbanding of DIVA.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd07\n"
},
{
"path": "history/groups/DVC_Death_Virii_Crew.md",
"content": "---\nlayout: default\ntitle: DVC (Death Virii Crew)\npermalink: /history/groups/DVC_Death_Virii_Crew/\ntags:\n- cyber\n---\n\nDVC (Death Virii Crew)\n======================\n\nOrigin\n------\nRussian Federation\n\nDescription\n-----------\nThis small group originating from the vast Russian country is closely connected to the SG [Stealth Group; former SG World Wide](http://vxheaven.org/vx.php?id=gs01). It is known to have released several viruses and several issues of an E-Zine.\n\nMagazine\n--------\n[Chaos AD](http://vxheaven.org/vx.php?id=zc01)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd10\n"
},
{
"path": "history/groups/DVC_Dutch_Virii_Community.md",
"content": "---\nlayout: default\ntitle: DVC (Dutch Virii Community)\npermalink: /history/groups/DVC_Dutch_Virii_Community/\ntags:\n- cyber\n---\n\nDVC (Dutch Virii Community)\n===========================\n\nOrigin\n------\nNetherlands\n\nDescription\n-----------\nGroup of relative newcomers (early 1999) that tries to establish itself in the computer virus scene. Limited group activity has been observed. Limited signs of activity can be found at their site.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd09\n"
},
{
"path": "history/groups/DV_Verband_Deutscher_Virenliebhaber_The_German_Association_of_Virus_Lovers.md",
"content": "---\nlayout: default\ntitle: DV Verband Deutscher Virenliebhaber The German Association of Virus Lovers\npermalink: /history/groups/DV_Verband_Deutscher_Virenliebhaber_The_German_Association_of_Virus_Lovers/\ntags:\n- cyber\n---\n\n### Origin\n\n### Description\n\n\n### Website\n\n\n### Reference\n"
},
{
"path": "history/groups/Dark_Conspiracy.md",
"content": "---\nlayout: default\ntitle: Dark Conspiracy\npermalink: /history/groups/Dark_Conspiracy/\ntags:\n- cyber\n---\n\nDark Conspiracy\n===============\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nA short lived addition to the virus writing scene. Disbanded September/October 1996. Several members ended up in both the Living Turmoil and RSA (Ruthless Stealth Angels) virus writing groups which later merged to become LT/RSA [Living Turmoil / Ruthless Stealth Angels](http://vxheaven.org/vx.php?id=gl02).\n\nMagazine\n--------\n[PlasmaMag](http://vxheaven.org/vx.php?id=zp04)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd01\n"
},
{
"path": "history/groups/Darkness_Sons.md",
"content": "---\nlayout: default\ntitle: Darkness Sons\npermalink: /history/groups/Darkness_Sons/\ntags:\n- cyber\n---\n\nDarkness Sons\n=============\n\nOrigin\n------\nItaly\n\nDescription\n-----------\nGroup that emerged late 1998, early 1999. They have created some viruses and some simple virus generators (XFVG, AVCC, IPVCK).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd02\n"
},
{
"path": "history/groups/Demoralized_Youth.md",
"content": "---\nlayout: default\ntitle: Demoralized Youth\npermalink: /history/groups/Demoralized_Youth/\ntags:\n- cyber\n---\n\nDemoralized Youth\n=================\n\nOrigin\n------\nSweden\n\nDescription\n-----------\nVirus authoring group responsible for 25+ viruses.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd04\n"
},
{
"path": "history/groups/Diabolical_Kreations.md",
"content": "---\nlayout: default\ntitle: Diabolical Kreations\npermalink: /history/groups/Diabolical_Kreations/\ntags:\n- cyber\n---\n\nDiabolical Kreations\n====================\n\nOrigin\n------\nParaguay\n\nDescription\n-----------\nApparently a new 'group' that emerged at the end of 1996 among several other groups. Information on the group is limited. Starting member Int13h joined IKX [International Knowledge eXchange](http://vxheaven.org/vx.php?id=gi00).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd05\n"
},
{
"path": "history/groups/Diffusion.md",
"content": "---\nlayout: default\ntitle: Diffusion\npermalink: /history/groups/Diffusion/\ntags:\n- cyber\n---\n\nDiffusion\n=========\n\nOrigin\n------\nUnited Kingdom\n\nDescription\n-----------\nA new 'group' that emerged at the beginning of 1998. The group is competent in several computer languages. The first family of macro viruses for MS Access 97 was written by Jerk1N. He changed his handle to Ice Breaker following some hassle resulting from the release of his Access virus.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd06\n"
},
{
"path": "history/groups/Divide_By_Zero.md",
"content": "---\nlayout: default\ntitle: Divide By Zero\npermalink: /history/groups/Divide_By_Zero/\ntags:\n- cyber\n---\n\nDivide By Zero\n==============\n\nOrigin\n------\nRussian Federation\n\nDescription\n-----------\n\nMagazine\n--------\n[Divide by Zero Zine](http://vxheaven.org/vx.php?id=zd04)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd08\n"
},
{
"path": "history/groups/Doom_Riderz.md",
"content": "---\nlayout: default\ntitle: Doom Riderz\npermalink: /history/groups/Doom_Riderz/\ntags:\n- cyber\n---\n\nDoom Riderz\n===========\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\n\n\nMagazine\n--------\n[DoomRiderz](http://vxheaven.org/vx.php?id=gd11)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gd11\n"
},
{
"path": "history/groups/Electrical_Ordered_Freedom.md",
"content": "---\nlayout: default\ntitle: Electrical Ordered Freedom\npermalink: /history/groups/Electrical_Ordered_Freedom/\ntags:\n- cyber\n---\n\nElectrical Ordered Freedom\n==========================\n\nOrigin\n------\nA note from their site:\n\nEOF stands for Electrical Ordered Freedom and was founded in 2006, we are a team of people interested in virus coding and underground security, our aim is to make a website to provide others with knowledge about those and similar topics and share information.\n\nThis site contains source codes, articles and binaries, which may be able to damage computers, mobile phones and other devices. If you use anything from our site, we do not care about any damage you or other people might get of these files. All files are published for educational purposes only and not to damage anything or anybody.\n\nKnown members: SkyOut, RadiatioN, Berniee/Fakedminded, Sk0r/Czybik, Izee, WarGame, Nibble, Psyco_Rabbit\n\nDescription\n-----------\n\nMagazine\n--------\n[Electrical Ordered Freedom](http://vxheaven.org/vx.php?id=ze02)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=ge00\n"
},
{
"path": "history/groups/FCF_Fearless_Criminal_Force_Formaters_Cracking_Force.md",
"content": "---\nlayout: default\ntitle: FCF (Fearless Criminal Force, Formater's Cracking Force)\npermalink: /history/groups/FCF_Fearless_Criminal_Force_Formaters_Cracking_Force/\ntags:\n- cyber\n---\n\nFCF (Fearless Criminal Force, Formater's Cracking Force)\n========================================================\n\nOrigin\n------\nHungary\n\nDescription\n-----------\nThis small group cracking group has started activities in the VX scene. One of their members is a well known virus trader and creator of the [Virus Sorter New Generation](http://vxheaven.org/vx.php?id=uv00) collection tool.\n\nMagazine\n--------\n[FCF E-Zine](http://vxheaven.org/vx.php?id=zf00)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gf00\n"
},
{
"path": "history/groups/FS_Feathered_Serpents.md",
"content": "---\nlayout: default\ntitle: FS (Feathered Serpents)\npermalink: /history/groups/FS_Feathered_Serpents/\ntags:\n- cyber\n---\n\nFS (Feathered Serpents)\n=======================\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nThis group emerged late 1997 and has several well known figures from other VX groups as members. No group activity has been observed lately.\n\nMagazine\n--------\n[Natural Selection](http://vxheaven.org/vx.php?id=zn06)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gf01\n"
},
{
"path": "history/groups/Familia.md",
"content": "---\nlayout: default\ntitle: Familia\npermalink: /history/groups/Familia/\ntags:\n- cyber\n---\n\nFamilia\n=======\n\nOrigin\n------\nItaly\n\nDescription\n-----------\nNew group that emerged early 2000. This group is not produce viruses, but from the october 2000 they start to produce zine.\n\nMagazine\n--------\n[Mater](http://vxheaven.org/vx.php?id=zm07)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gf02\n"
},
{
"path": "history/groups/Gedzac.md",
"content": "---\nlayout: default\ntitle: Gedzac\npermalink: /history/groups/Gedzac/\ntags:\n- cyber\n---\n\nGedzac\n======\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\n\nMagazine\n--------\n[Mitosis](http://vxheaven.org/vx.php?id=zm08)\n\nWebsite\n-------\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gg01\n"
},
{
"path": "history/groups/Genesis.md",
"content": "---\nlayout: default\ntitle: Genesis\npermalink: /history/groups/Genesis/\ntags:\n- cyber\n---\n\nGenesis\n=======\n\nOrigin\n------\nUnited Kingdom\n\nDescription\n-----------\nBritish virus writing group, that in the end of 1996 ended up merging with [Immortal Riot](http://vxheaven.org/vx.php?id=gi02) resulting in IR/G [Immortal Riot/Genesis](http://vxheaven.org/vx.php?id=gi05).\n\nWebsite\n-------\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gg00\n"
},
{
"path": "history/groups/HCDS.md",
"content": "---\nlayout: default\ntitle: HCDS\npermalink: /history/groups/HCDS/\ntags:\n- cyber\n---\n\nHCDS\n====\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nVery little activity has been observed lately.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh04\n"
},
{
"path": "history/groups/HTC_95.md",
"content": "---\nlayout: default\ntitle: HTC '95\npermalink: /history/groups/HTC_95/\ntags:\n- cyber\n---\n\nHTC '95\n=======\n\nOrigin\n------\nUnited States\n\nDescription\n-----------\nNew group that emerged in 1995. Creators of Virus Lab Creations (VLC). Not heard from recently.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh03\n"
},
{
"path": "history/groups/HVM_Hungarian_Virus_Acade_my.md",
"content": "---\nlayout: default\ntitle: HVM (Hungarian Virus Acade my)\npermalink: /history/groups/HVM_Hungarian_Virus_Acade_my/\ntags:\n- cyber\n---\n\nHVM (Hungarian Virus Acade my)\n==============================\n\nOrigin\n------\nHungary\n\nDescription\n-----------\nExact details of this group are unknown. The Typebug.951 virus by Zymotic is known.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh05\n"
},
{
"path": "history/groups/Hackerz_Networx.md",
"content": "---\nlayout: default\ntitle: Hackerz Networx\npermalink: /history/groups/Hackerz_Networx/\ntags:\n- cyber\n---\n\nHackerz Networx\n===============\n\nOrigin\n------\nPhilippines\n\nDescription\n-----------\nNew group that emerged early 1999. They have written several viruses and were about to release a virus creation kit for Windows when their Internet presence was suddenly ended by unknown causes. After a short period of absence signs of activity can be found at their site.\n\nWebsite\n-------\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh00\n"
},
{
"path": "history/groups/Hail_and_Kill.md",
"content": "---\nlayout: default\ntitle: Hail and Kill\npermalink: /history/groups/Hail_and_Kill/\ntags:\n- cyber\n---\n\nHail and Kill\n=============\n\nOrigin\n------\nSpain\n\nDescription\n-----------\nNew group that emerged in 1998. Remnants of their website can be found although activity there has been limited. Bumblebee has been active as a solo virus writer.\n\nMagazine\n--------\n[Mors Ultima Ratio](http://vxheaven.org/vx.php?id=zm04)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh01\n"
},
{
"path": "history/groups/Hazard.md",
"content": "---\nlayout: default\ntitle: Hazard\npermalink: /history/groups/Hazard/\ntags:\n- cyber\n---\n\nHazard\n======\n\nOrigin\n------\nUkraine\n\nDescription\n-----------\nA group that emerged early 1999. The group is not only interested in computer viruses but also programs software cracks. Deviator is the only virus producing member and also produced the SME and SMM mutation engines.\n\nWebsite\n-------\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gh02\n"
},
{
"path": "history/groups/IKX_International_Knowledge_eXchange.md",
"content": "---\nlayout: default\ntitle: IKX (International Knowledge eXchange)\npermalink: /history/groups/IKX_International_Knowledge_eXchange/\ntags:\n- cyber\n---\n\nIKX (International Knowledge eXchange)\n======================================\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nThis 1996 addition to the virus scene the group is was initially mainly Internet (Web) based. Their members meddle in most areas of the HPAV scene, as does their E-zine \"Xine\".\n\nMagazine\n--------\n[Xine]()\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi00\n"
},
{
"path": "history/groups/IR_G_Immortal_Riot_Genesis.md",
"content": "---\nlayout: default\ntitle: IR/G (Immortal Riot/Genesis)\npermalink: /history/groups/IR_G_Immortal_Riot_Genesis/\ntags:\n- cyber\n---\n\nIR/G (Immortal Riot/Genesis)\n============================\n\nOrigin\n------\nInternational\n\nDescription\n-----------\nMade up out of members of the well known groups [Immortal Riot](http://vxheaven.org/vx.php?id=gi02), [Genesis](http://vxheaven.org/vx.php?id=gg00) and complemented with some solo virus writers this group looks like it will continue the practice of well written viruses en VX E-Zines.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi05\n"
},
{
"path": "history/groups/Immortal_EAS.md",
"content": "---\nlayout: default\ntitle: Immortal EAS\npermalink: /history/groups/Immortal_EAS/\ntags:\n- cyber\n---\n\nImmortal EAS\n============\n\nOrigin\n------\nNetherlands\n\nDescription\n-----------\nVirus authoring group that emerged in the Netherlands. 10 to 15 viruses produced by this group are known. Released a new virus creation tool, [Immortal EAS Virus Creation Centre](http://vxheaven.org/vx.php?id=ti00). Not heard of recently, probably disbanded.\n\nMagazine\n--------\n[Immortal EAS Virus Magazine](http://vxheaven.org/vx.php?id=zi00)\n\nWebsite\n-------\nNone\n"
},
{
"path": "history/groups/Immortal_Riot.md",
"content": "---\nlayout: default\ntitle: Immortal Riot\npermalink: /history/groups/Immortal_Riot/\ntags:\n- cyber\n---\n\nImmortal Riot\n=============\n\nOrigin\n------\nSweden\n\nDescription\n-----------\nVirus authoring group responsible for many viruses. In the end of 1996 the group \"merged\" with Genesis and some solo virus writers and continued as IR/G (Immortal Riot/Genesis). Lately rumors have surfaced that after the demise of IR/G IR is starting a second life.\n\nMagazine\n--------\n[Insane Reality Magazine](http://vxheaven.org/vx.php?id=zi03)\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi02\n"
},
{
"path": "history/groups/Intergang.md",
"content": "---\nlayout: default\ntitle: Intergang\npermalink: /history/groups/Intergang/\ntags:\n- cyber\n---\n\nIntergang\n=========\n\nOrigin\n------\nUnknown\n\nDescription\n-----------\nInformation on this group is limited. Initially this group only collected viruses and but later started creating them. Activity disappeared after the Melissa clamp down. Their \"retirement\" announcement can be found at their site.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi03\n"
},
{
"path": "history/groups/Invaders.md",
"content": "---\nlayout: default\ntitle: Invaders\npermalink: /history/groups/Invaders/\ntags:\n- cyber\n---\n\nInvaders\n========\n\nOrigin\n------\n\nDescription\n-----------\nThis group never really succeeded in presenting a real identity and was disbanded while in the process of starting out. Buz is now a member of FS [Feathered Serpents](http://vxheaven.org/vx.php?id=gf01), Mandragore moved via DDT (Dichlore Diphenyl Trichloretane) also to FS [Feathered Serpents](http://vxheaven.org/vx.php?id=gf01), T-2000 is rumored to be blowing life back into [Immortal Riot](http://vxheaven.org/vx.php?id=gi02) and Midnyte joined UCSI [Ultimate Chaos Security International](http://vxheaven.org/vx.php?id=gu00).\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi04\n"
},
{
"path": "history/groups/Italian_Virus_Research_Laboratory.md",
"content": "---\nlayout: default\ntitle: Italian Virus Research Laboratory\npermalink: /history/groups/Italian_Virus_Research_Laboratory/\ntags:\n- cyber\n---\n\nItalian Virus Research Laboratory\n=================================\n\nOrigin\n------\nItaly\n\nDescription\n-----------\nVirus authoring / writer group responsible for more than 25 mainly hacks of known viruses.\n\nWebsite\n-------\nNone\n\nReference\n---------\nhttp://vxheaven.org/vx.php?id=gi06\n"
},
{
"path": "history/groups/JVS_Janus_Virus_Syndicate.md",
"content": "---\nlayout: default\ntitle: JVS (Janus Virus Syndicate)\npermalink: /history/groups/JVS_Janus_Virus_Syndicate/\ntags:\n- cyber\n---\n\n## JVS (Janus Virus Syndicate)\n\n### Origin\nUnknown\n\n### Description\nVirus authoring / writer group which emerged at the end of 1998. The group has released their first ezine and was working on a website. Apparently the group fell apart shortly after it emergence and some members had and still have connections with TI.\n\n### Magazine\n[Janus](http://vxheaven.org/vx.php?id=zj00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gj00\n"
},
{
"path": "history/groups/K_P_V_Team.md",
"content": "---\nlayout: default\ntitle: K.P.V. Team\npermalink: /history/groups/K_P_V_Team/\ntags:\n- cyber\n---\n\n## K.P.V. Team\n\n### Origin\nMalaysia\n\n### Description\nVirus authoring / writer group responsible for several Trojan Horse creators and the Odyseus Macro Virus Creation Kit.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gk01\n"
},
{
"path": "history/groups/LT_RSA_Living_Turmoil_Ruthless_Stealth_Angels.md",
"content": "---\nlayout: default\ntitle: LT/RSA (Living Turmoil / Ruthless Stealth Angels)\npermalink: /history/groups/LT_RSA_Living_Turmoil_Ruthless_Stealth_Angels/\ntags:\n- cyber\n---\n\n## LT/RSA (Living Turmoil / Ruthless Stealth Angels)\n\n### Origin\nInternational\n\n### Description\nThe result of the merger of [Living Turmoil](http://vxheaven.org/vx.php?id=gl01) and RSA [Ruthless Stealth Angels](http://vxheaven.org/vx.php?id=gr02). Many ex-members of [Dark Conspiracy](http://vxheaven.org/vx.php?id=gd01) found a home here after the death of their group. After an inactive period Living Turmoil started back up in the beginning of 1997. RSA [Ruthless Stealth Angels](http://vxheaven.org/vx.php?id=gr02) was initially inactive as well but started back up early/middle 1997.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gl02\n"
},
{
"path": "history/groups/LineZer0_VX_Team.md",
"content": "---\nlayout: default\ntitle: LineZer0 VX Team\npermalink: /history/groups/LineZer0_VX_Team/\ntags:\n- cyber\n---\n\n## LineZer0 VX Team\n\n### Origin\nInternational\n\n### Description\nPart of the LineZer0 Network this computer virus branch is active in macro viruses, macro virus creation kits and ASM viruses. Activity of the group came to almost a standstill early 2000. Limited signs of activity can be found at their site.\n\n### Magazine\n[Line Zero](http://vxheaven.org/vx.php?id=zl01)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gl00\n"
},
{
"path": "history/groups/Living_Turmoil.md",
"content": "---\nlayout: default\ntitle: Living Turmoil\npermalink: /history/groups/Living_Turmoil/\ntags:\n- cyber\n---\n\n## Living Turmoil\n\n### Origin\nInternational\n\n### Description\nAfter a bumpy road that started with Dark Conspiracy, stopped at Living Turmoil and LT/RSA (Living Turmoil / Ruthless Stealth Angels) the group emerged back on the scene in the beginning of 1997 as Living Turmoil. Remnants of the group can be found at their site.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gl01\n"
},
{
"path": "history/groups/Mandragora.md",
"content": "---\nlayout: default\ntitle: Mandragora\npermalink: /history/groups/Mandragora/\ntags:\n- cyber\n---\n\n## Mandragora\n\n### Origin\nParaguay\n\n### Description\nOne of the few manifestations of a computer virus scene in South America. Details about this group are unknown. Some of the Xav virus strain were released by members of this group.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gm00\n"
},
{
"path": "history/groups/Matrix.md",
"content": "---\nlayout: default\ntitle: Matrix\npermalink: /history/groups/Matrix/\ntags:\n- cyber\n---\n\n## Matrix\n\n### Origin\nRussian Federation\n\n### Description\nGroup that started November 1st 1999. Ultras is known for his macro virus work. (UCK, UAMP, UMPE, UMP, UHE, ME, MUCK, AMG, ZSZPE).\n\n### Magazine\n[Matrix Zine](http://vxheaven.org/vx.php?id=zm00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gm01\n"
},
{
"path": "history/groups/Metaphase_VX_Team.md",
"content": "---\nlayout: default\ntitle: Metaphase VX Team\npermalink: /history/groups/Metaphase_VX_Team/\ntags:\n- cyber\n---\n\n## Metaphase VX Team\n\n### Origin\nUnited States\n\n### Description\nA 1998 addition to the virus scene this group combines the 'talents' of several solo virus creators. After minor signs of activity late 1999 the group has again lapsed into dormancy.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gm02\n"
},
{
"path": "history/groups/Mikees_World.md",
"content": "---\nlayout: default\ntitle: Mikee's World\npermalink: /history/groups/Mikees_World/\ntags:\n- cyber\n---\n\n## Mikee's World\n\n### Origin\nInternational\n\n### Description\nGroup that was started by Mikee early 1998. No activity has been observed lately.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gm03\n"
},
{
"path": "history/groups/Misdirected_Youth.md",
"content": "---\nlayout: default\ntitle: Misdirected Youth\npermalink: /history/groups/Misdirected_Youth/\ntags:\n- cyber\n---\n\n## Misdirected Youth\n\n### Origin\nRussian Federation\n\n### Description\nLittle information is known about this group. Mongoose is an active participant in the Top Device Online project.\n\n### Magazine\n[Social Distortion](http://vxheaven.org/vx.php?id=zs03)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gm04\n"
},
{
"path": "history/groups/NoP.md",
"content": "---\nlayout: default\ntitle: NoP\npermalink: /history/groups/NoP/\ntags:\n- cyber\n---\n\n## NoP\n\n### Origin\nInternational\n\n### Description\nMarch 1998 group that joined some well known members. Virogen quit producing viral material and is now mainly known for his 32-bit programming. Disbanded in the end of 1999.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gn01\n"
},
{
"path": "history/groups/No_Mercy.md",
"content": "---\nlayout: default\ntitle: No Mercy\npermalink: /history/groups/No_Mercy/\ntags:\n- cyber\n---\n\n## No Mercy\n\n### Origin\nIndonesia\n\n### Description\nGroup that slowly emerged in 1996. Responsible for many WordBasic macro viruses, the CVCK and NEG virus creation kits and the NVLR database. The group went dormant in the midst of the Indonesian political unrest late 1999. Signs of activity can still be found at their site or [here](http://www.coderz.net/foxz)\n\n### Website\nNo\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gn00\n"
},
{
"path": "history/groups/NuKE.md",
"content": "---\nlayout: default\ntitle: NuKE\npermalink: /history/groups/NuKE/\ntags:\n- cyber\n---\n\n## NuKE\n\n### Origin\nInternational\n\n### Description\nVirus authoring group with members spread around the world responsible for an unknown large number of viruses. Group member Nowhere Man released the first virus construction kit in 1992, Virus Creation Lab 1.0. Some individual members are still working the VX scene but the group is either inactive or has been disbanded.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gn02\n"
},
{
"path": "history/groups/PVW_Pinoy_Virus_Writers.md",
"content": "---\nlayout: default\ntitle: PVW (Pinoy Virus Writers)\npermalink: /history/groups/PVW_Pinoy_Virus_Writers/\ntags:\n- cyber\n---\n\n## PVW (Pinoy Virus Writers)\n\n### Origin\nPhilippines\n\n### Description\nStarted by two virus writers from the Philippines this group mainly covers the Philipino virus scene.\n\n### Magazine\n[Pinoy Virus Writers Magazine](http://vxheaven.org/vx.php?id=zp03)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gp01\n"
},
{
"path": "history/groups/Phalcon-Skism.md",
"content": "---\nlayout: default\ntitle: Phalcon-Skism\npermalink: /history/groups/Phalcon-Skism/\ntags:\n- cyber\n---\n\n## Phalcon-Skism\n\n### Origin\nUnited States\n\n### Description\nOne of the first and more notorious virus authoring groups it started as a merger of the hacking group Phalcon and the virus writers from SKISM (Smart Kids Into Sick Methods) and has an international. Continous competition and \"flaming\" went on between Phalcon-Skism and [NuKE](http://vxheaven.org/vx.php?id=gn02), resulting in many viruses and two competing virus creation tools, Virus Creation Lab and Phalcon/Skism Mass-Produced Code Generator. Some individual members are still working the VX scene but the group is either inactive or has been disbanded.\n\n### Magazine\n40hex\n\n### Website\n\n\n### Reference\n"
},
{
"path": "history/groups/Power_Empire_Virii_Faction.md",
"content": "---\nlayout: default\ntitle: Power Empire Virii Faction\npermalink: /history/groups/Power_Empire_Virii_Faction/\ntags:\n- cyber\n---\n\n## Power Empire Virii Faction\n\n### Origin\nInternational\n\n### Description\nAs part of the larger Power Empire group this \"faction\" is responsible for the virus creation. Several \"regular\" and macro viruses by this group are known. The members started Codebreakers September/October 1997.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gp02\n"
},
{
"path": "history/groups/Power_Heap_Research.md",
"content": "---\nlayout: default\ntitle: Power Heap Research\npermalink: /history/groups/Power_Heap_Research/\ntags:\n- cyber\n---\n\n## Power Heap Research\n\n### Origin\nRussian Federation\n\n### Description\n\n### Magazine\n[Infected E-Burg](http://vxheaven.org/vx.php?id=zi05)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gp03\n"
},
{
"path": "history/groups/RSA_Ruthless_Stealth_Angels.md",
"content": "---\nlayout: default\ntitle: RSA (Ruthless Stealth Angels)\npermalink: /history/groups/RSA_Ruthless_Stealth_Angels/\ntags:\n- cyber\n---\n\n## RSA (Ruthless Stealth Angels)\n\n### Origin\nUkraine\n\n### Description\nAfter a short inactive period after the split with Living Turmoil this group became active again early/middle 1997.\n\n### Magazine\n[RSA](http://vxheaven.org/vx.php?id=zr02)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gr02\n"
},
{
"path": "history/groups/RVM_Russian_Virus_Makers.md",
"content": "---\nlayout: default\ntitle: RVM (Russian Virus Makers)\npermalink: /history/groups/RVM_Russian_Virus_Makers/\ntags:\n- cyber\n---\n\n## RVM (Russian Virus Makers)\n\n### Origin\nRussian Federation\n\n### Description\nUnknown. Apparently an unsuccessful attempt to start a group.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gr03\n"
},
{
"path": "history/groups/Rabid.md",
"content": "---\nlayout: default\ntitle: Rabid\npermalink: /history/groups/Rabid/\ntags:\n- cyber\n---\n\n## Rabid\n\n### Origin\nUnited States\n\n### Description\nVirus authoring group from the early nineties responsible for around 30+ viruses. The group is either inactive or has been disbanded.\n\n### Magazine\n[Censor](http://vxheaven.org/vx.php?id=zc00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gr00\n"
},
{
"path": "history/groups/Ready_Rangers_Liberation_Front.md",
"content": "---\nlayout: default\ntitle: Ready Rangers Liberation Front\npermalink: /history/groups/Ready_Rangers_Liberation_Front/\ntags:\n- cyber\n---\n\n## Ready Rangers Liberation Front\n\n### Origin\nUnknown\n\n### Description\nKnown members (past and present): adious, AlcoPaul, assassin007, BlueOwl, cyneox, DiA, disk0rdia, Dolomite, dr.g0nZo, DvL, El DudErin0, Energy, Industry, Kefi, Maniac89, Necronomikon, Ne0, PetiK, philet0ast3r, ppacket, pRe4Ch_0_23, psychologic, rastafarie, Retro, Second Part To Hell, sinBrain, TeAgeCe, Zed\n\n### Website\nhttp://vxheaven.org/rrlf/\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gr04\n"
},
{
"path": "history/groups/Rioters.md",
"content": "---\nlayout: default\ntitle: Rioters\npermalink: /history/groups/Rioters/\ntags:\n- cyber\n---\n\n## Rioters\n\n### Origin\nRussian Federation\n\n### Description\nNew group that started out in March 1998. Ultras has written the Ultras Construction Kit (UCK) and several macro viruses. Apparently this group was short lived. After a brief stay with SOS (Sign Of Scream) and a period of independance Ultras started his own group, Matrix.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gr01\n"
},
{
"path": "history/groups/SG_Stealth_Group_former_SG_World_Wide.md",
"content": "---\nlayout: default\ntitle: SG (Stealth Group; former SG World Wide)\npermalink: /history/groups/SG_Stealth_Group_former_SG_World_Wide/\ntags:\n- cyber\n---\n\n## SG (Stealth Group; former SG World Wide)\n\n### Origin\nRussian Federation\n\n### Description\nA early to mid '90's addition to the virus writing scene. Initially only known in the Ukranian/Russian scene they later spread to the rest of the world. After an extended period of online inactivity in the late '90's renewed signs of activity of this \"cyberunderground\" group can be found at their site.\n\n### Magazine\n[Infected Voice](http://vxheaven.org/vx.php?id=zi01)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs01\n"
},
{
"path": "history/groups/SLAM.md",
"content": "---\nlayout: default\ntitle: SLAM\npermalink: /history/groups/SLAM/\ntags:\n- cyber\n---\n\n## SLAM\n\n### Origin\nInternational\n\n### Description\nA new Internet based group that emerged at the end of 1996 among several other groups. Ex-members of VBB found a new home in this group. Although the group initially started out with an emphasis on macro viruses SLAM issue #3 showed the group also embracing the more traditional coded viruses. Additional information on the group is limited.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs06\n"
},
{
"path": "history/groups/SMF.md",
"content": "---\nlayout: default\ntitle: SMF\npermalink: /history/groups/SMF/\ntags:\n- cyber\n---\n\n## SMF\n\n### Origin\nRussian Federation\n\n### Description\nA group that started in the middle of 1998. Not all of its activities are computer viruses related and one member is responsible for the majority of its viral output.\n\n### Magazine\n[Duke Virus Lab](http://vxheaven.org/vx.php?id=zd05)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs07\n"
},
{
"path": "history/groups/SOS_Sign_Of_Scream.md",
"content": "---\nlayout: default\ntitle: SOS (Sign Of Scream)\npermalink: /history/groups/SOS_Sign_Of_Scream/\ntags:\n- cyber\n---\n\n## SOS (Sign Of Scream)\n\n### Origin\nInternational\n\n### Description\nThis group was started in August 1998 by Nightmare Joker (ex SLAM) and joins several solo virus writers and some writers with past virus group experience. The emphasis of the group's activities lies with macro and HLL virus technology. The group never really succeeded as is rumored to have been disbanded.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs08\n"
},
{
"path": "history/groups/SPS_Scientific_Programming_Society.md",
"content": "---\nlayout: default\ntitle: SPS (Scientific Programming Society)\npermalink: /history/groups/SPS_Scientific_Programming_Society/\ntags:\n- cyber\n---\n\n## SPS (Scientific Programming Society)\n\n### Origin\nRussian Federation\n\n### Description\nNot a lot is known about this group except that they just have a minor interest in computer viruses.\n\n### Magazine\n[LMD](http://vxheaven.org/vx.php?id=zl00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs09\n"
},
{
"path": "history/groups/SVAT_Special_Viruses_And_Trojans.md",
"content": "---\nlayout: default\ntitle: SVAT (Special Viruses And Trojans)\npermalink: /history/groups/SVAT_Special_Viruses_And_Trojans/\ntags:\n- cyber\n---\n\n## SVAT (Special Viruses And Trojans)\n\n### Origin\nUnknown\n\n### Description\nA litlle known group that has produced several viruses. The group was disbanded due to lack of time to create new viruses.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs10\n"
},
{
"path": "history/groups/SVL_Slovak_Virus_Laboratories.md",
"content": "---\nlayout: default\ntitle: SVL (Slovak Virus Laboratories)\npermalink: /history/groups/SVL_Slovak_Virus_Laboratories/\ntags:\n- cyber\n---\n\n## SVL (Slovak Virus Laboratories)\n\n### Origin\nSlovakia\n\n### Description\nThis group started late 1992 and has produced several viruses (Slovakia and SVL viruses) and the polymorphic engine MDevice. In june 1996 the group announced the end of it's activities.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs11\n"
},
{
"path": "history/groups/SVS_Seoul_Virus_Society.md",
"content": "---\nlayout: default\ntitle: SVS (Seoul Virus Society)\npermalink: /history/groups/SVS_Seoul_Virus_Society/\ntags:\n- cyber\n---\n\n## SVS (Seoul Virus Society)\n\n### Origin\nRepublic Of Korea\n\n### Description\nGroup with unknown number of members responsible for 50+ viruses. Merged with the CVC [Corean Virus Club, old](http://vxheaven.org/vx.php?id=gc03) and CVL [Corean Virus Laboratory](http://vxheaven.org/vx.php?id=gc04) to create the new CVC [Corean Virus Club, new](http://vxheaven.org/vx.php?id=gc02).\n\n### Website\n\n\n### Reference\n"
},
{
"path": "history/groups/Sector_Infector_Inc.md",
"content": "---\nlayout: default\ntitle: Sector Infector Inc.\npermalink: /history/groups/Sector_Infector_Inc/\ntags:\n- cyber\n---\n\n## Sector Infector Inc.\n\n### Origin\nUnited States\n\n### Description\nVirus authoring group / writer responsible for about 10+ , mostly hacked, viruses.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs00\n"
},
{
"path": "history/groups/ShadowVX_Group.md",
"content": "---\nlayout: default\ntitle: ShadowVX Group\npermalink: /history/groups/ShadowVX_Group/\ntags:\n- cyber\n---\n\n## ShadowVX Group\n\n### Origin\nInternational\n\n### Description\nA group with some well known and lesser known members.\n\n### Magazine\n[ShadowVX](http://vxheaven.org/vx.php?id=zs01)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs03\n"
},
{
"path": "history/groups/Shadow_Dancer_Team.md",
"content": "---\nlayout: default\ntitle: Shadow Dancer Team\npermalink: /history/groups/Shadow_Dancer_Team/\ntags:\n- cyber\n---\n\n## Shadow Dancer Team\n\n### Origin\nIndonesia\n\n### Description\nLittle information is known about this group except that their young members started out late 1999 and are new to the scene. Their website disappeared with the massive shutdown of SOK4Ever. Ding Lik created the Ding Lik C Virus Generator (DLCVG).\n\n### Magazine\n[Shadow Dancer](http://vxheaven.org/vx.php?id=zs00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs02\n"
},
{
"path": "history/groups/Silicium_Revolte.md",
"content": "---\nlayout: default\ntitle: Silicium Revolte\npermalink: /history/groups/Silicium_Revolte/\ntags:\n- cyber\n---\n\n## Silicium Revolte\n\n### Origin\nPoland\n\n### Description\nA recent (early 2000) addition to the computer virus scene this group has both a computer virus and software cracking background.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs04\n"
},
{
"path": "history/groups/Skamwerk_Labs.md",
"content": "---\nlayout: default\ntitle: Skamwerk Labs\npermalink: /history/groups/Skamwerk_Labs/\ntags:\n- cyber\n---\n\n## Skamwerk Labs\n\n### Origin\nInternational\n\n### Description\nStarted by the creator of the SkamWerks Labs WCCK this groups is mainly active with macro viruses. No recent activity has been observed.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gs05\n"
},
{
"path": "history/groups/TAVC_Tula_Anti_Viral_Club.md",
"content": "---\nlayout: default\ntitle: TAVC (Tula Anti & Viral Club)\npermalink: /history/groups/TAVC_Tula_Anti_Viral_Club/\ntags:\n- cyber\n---\n\n## TAVC (Tula Anti & Viral Club)\n\n### Origin\nRussian Federation\n\n### Description\n'Group' that has been around for a while but was just recently (1998) 'discovered'. Apparently disbanded early 1999. Their Moon Bug publication still appears regularly as a combined effort of the Russian VX scene.\n\n### Magazine\n[MoonBug](http://vxheaven.org/vx.php?id=zm03)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt00\n"
},
{
"path": "history/groups/TDJ_The_Diabolical_Judges.md",
"content": "---\nlayout: default\ntitle: TDJ (The Diabolical Judges)\npermalink: /history/groups/TDJ_The_Diabolical_Judges/\ntags:\n- cyber\n---\n\n## TDJ (The Diabolical Judges)\n\n### Origin\nUnknown\n\n### Description\nNew group that emerged in the middle of February of 1998. No activity has been observed recently.\n\n### Magazine\n[Diabolic Judges](http://vxheaven.org/vx.php?id=zd02)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt01\n"
},
{
"path": "history/groups/TI_Technological_Illusions.md",
"content": "---\nlayout: default\ntitle: TI (Technological Illusions)\npermalink: /history/groups/TI_Technological_Illusions/\ntags:\n- cyber\n---\n\n## TI (Technological Illusions)\n\n### Origin\nInternational\n\n### Description\nNew group that emerged late 1998. No recent activity has bee observed and their website has disappeared.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt03\n"
},
{
"path": "history/groups/TNN_The_Narkotic_Network.md",
"content": "---\nlayout: default\ntitle: TNN (The Narkotic Network )\npermalink: /history/groups/TNN_The_Narkotic_Network/\ntags:\n- cyber\n---\n\n## TNN (The Narkotic Network )\n\n### Origin\nUnited States\n\n### Description\nGroup that emerged in the middle of 1997. VicodinES is responsible for the tutorial \"Theory Of Better Virus Distribution\", several 32-bit (Win32 and Windows 95) and macro viruses and the VicodinES [Class.Poppy Construction Kit](http://vxheaven.org/vx.php?id=tc01) (VMPCK). VicodinES joined [Codebreakers](http://vxheaven.org/vx.php?id=gc00) in June 1998.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gn03\n"
},
{
"path": "history/groups/TPVO_OVEL_Taiwan_Power_Virus_Organisation_Organization_of_Virus_Examination_Lab.md",
"content": "---\nlayout: default\ntitle: TPVO/OVEL (Taiwan Power Virus Organisation/Organization of Virus Examination Lab\npermalink: /history/groups/TPVO_OVEL_Taiwan_Power_Virus_Organisation_Organization_of_Virus Examination_Lab/\ntags:\n- cyber\n---\n\n## TPVO/OVEL (Taiwan Power Virus Organisation/Organization of Virus Examination Lab\n\n### Origin\nTaiwan, China\n\n### Description\nVirus authoring group responsible for 15+ viruses. Dark Slayer is responsible for mutation engines like DCSE and DSME. Dark Killer released his DKME mutation engine in TPVO magazine #3. During 1996 the group was later renamed to OVEL. Actvity has been limited due to military draft commitments of the members.\n\n### Magazine\n[TPVO/OVEL Magazine](http://vxheaven.org/vx.php?id=zo00)\n\n### Website\n\n\n### Reference\n"
},
{
"path": "history/groups/Team_Necrosis.md",
"content": "---\nlayout: default\ntitle: Team Necrosis\npermalink: /history/groups/Team_Necrosis/\ntags:\n- cyber\n---\n\n## Team Necrosis\n\n### Origin\nUnited States\n\n### Description\nThe group emerged in November 1999. Their activities cover exploits and macro virus issues.\nThere is their self definition:\nBased in the United States, Team Necrosis is a nationally recognized group of the Active Viral Community. Our main area of expertise is High Level Language Artificial Life creation and design. Although we design AL, we do not fully support the ideas of spreading our creations.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt02\n"
},
{
"path": "history/groups/The_Codebreakers.md",
"content": "---\nlayout: default\ntitle: The Codebreakers\npermalink: /history/groups/The_Codebreakers/\ntags:\n- cyber\n---\n\n## The Codebreakers\n\n### Origin\nInternational\n\n### Description\nStarted by and with members of the Power Empire Virus Faction they are partly VX and partly hacking oriented. Throughout 1998 this group has grown to be the eading authority of the VX world. Well known solo virus writers have joined and the group is producing a lot of material and a solid e-zine. Due to the Melissa virus chaos in the beginning of 1999 the group had some problems with their website and has been offline for a while. Early 2000 signs of renewed activity.\n\n### Magazine\n[CodeBreakers](http://vxheaven.org/vx.php?id=zc03)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gc00\n"
},
{
"path": "history/groups/The_Kefrens.md",
"content": "---\nlayout: default\ntitle: The Kefrens\npermalink: /history/groups/The_Kefrens/\ntags:\n- cyber\n---\n\n## The Kefrens\n\n### Origin\nGermany\n\n### Description\nGroup that started February 1999. Limited signs of activity can be found at their site.\nGroup comment: \"The KEFREN , also spelled 'Chephren' or 'Kephren', has been an old, egypt king, that ruled in the 4th dynastie and the Second Pyramid was built for him, and the sphinx has his face. We took this name, because it sounds good and looks nice on pics :) We want to write good and individual code, like every writer should try to produce. In addition to this, we try to spread knowledge and to give new writers a helping hand in virus creating. All in all we follow the ethics and morals that The Mentor has summed up in his 'Hackers Manifesto'.\"\n\n### Website\n[Kefrens](http://vxheaven.org/vx.php?id=zk00)\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gk00\n"
},
{
"path": "history/groups/The_Trinity.md",
"content": "---\nlayout: default\ntitle: The Trinity\npermalink: /history/groups/The_Trinity/\ntags:\n- cyber\n---\n\n## The Trinity\n\n### Origin\nInternational\n\n### Description\nVirus writing group that started somewhere in 1994 but hasn't been heard from recently.\n\n### Magazine\n[Revelation](http://vxheaven.org/vx.php?id=zr00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt07\n"
},
{
"path": "history/groups/TridenT.md",
"content": "---\nlayout: default\ntitle: TridenT\npermalink: /history/groups/TridenT/\ntags:\n- cyber\n---\n\n## TridenT\n\n### Origin\nNetherlands\n\n### Description\nVirus authoring group responsible for 150+ viruses and the well known TridenT Polymorphic Engine (TPE).\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt05\n"
},
{
"path": "history/groups/Trinity.md",
"content": "---\nlayout: default\ntitle: Trinity\npermalink: /history/groups/Trinity/\ntags:\n- cyber\n---\n\n## Trinity\n\n### Origin\nUnited States\n\n### Description\nVirus authoring group responsible for an unknown number of viruses.\n\n### Magazine\n[Source](http://vxheaven.org/vx.php?id=zs02)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gt06\n"
},
{
"path": "history/groups/UCSI_Ultimate_Chaos_Security_International.md",
"content": "---\nlayout: default\ntitle: UCSI (Ultimate Chaos Security International)\npermalink: /history/groups/UCSI_Ultimate_Chaos_Security_International/\ntags:\n- cyber\n---\n\n## UCSI (Ultimate Chaos Security International)\n\n### Origin\nInternational\n\n### Description\nA group that was started February 1998 as a group of virus collectors and people interested in computer viruses. It now also has virus producing members but the future of the group will be mainly based on security issues.\n\n### Magazine\n[Final Chaos](http://vxheaven.org/vx.php?id=zf01)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gu00\n"
},
{
"path": "history/groups/V-Zone_Virus_Zone.md",
"content": "---\nlayout: default\ntitle: V-Zone (Virus Zone)\npermalink: /history/groups/V-Zone_Virus_Zone/\ntags:\n- cyber\n---\n\n## V-Zone (Virus Zone)\n\n### Origin\nRussian Federation\n\n### Description\nNot a lot is known about this group from Irkutsk. The group has produced some viruses and an e-zine.\n\n### Magazine\n[Virus Zone](http://vxheaven.org/vx.php?id=zv12)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv08\n"
},
{
"path": "history/groups/VBB_Virus_Bits_Bytes.md",
"content": "---\nlayout: default\ntitle: VBB (Virus Bits & Bytes)\npermalink: /history/groups/VBB_Virus_Bits_Bytes/\ntags:\n- cyber\n---\n\n## VBB (Virus Bits & Bytes)\n\n### Origin\nInternational\n\n### Description\nA recent addition to the virus writing scene. Like so many of them this group went inactive after their initial start. In the end of 1996 some members started a new group, [SLAM](http://vxheaven.org/vx.php?id=gs06).\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv00\n"
},
{
"path": "history/groups/VDV_Verband_Deutscher_Virenliebhaber_The_German_Association_Of_Virus_Lovers.md",
"content": "---\nlayout: default\ntitle: VDV (Verband Deutscher Virenliebhaber (The German Association of Virus Lovers))\npermalink: /history/groups/VDV_Verband_Deutscher_Virenliebhaber_The_German_Association_of_Virus_Lovers/\ntags:\n- cyber\n---\n\n## VDV (Verband Deutscher Virenliebhaber (The German Association of Virus Lovers))\n\n### Origin\nGermany\n\n### Description\nVirus writing group responsible for the release of the virus creation tool VCS (Virus Construction Set).\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv01\n"
},
{
"path": "history/groups/VLAD_Virus_Laboratory_And_Distribution.md",
"content": "---\nlayout: default\ntitle: VLAD (Virus Laboratory And Distribution )\npermalink: /history/groups/VLAD_Virus_Laboratory_And_Distribution/\ntags:\n- cyber\n---\n\n## VLAD (Virus Laboratory And Distribution )\n\n### Origin\nAustralia\n\n### Description\nVirus authoring group responsible for around 40 viruses. Group with international members but originated in Australia. In the last year of its existence the membership list changed many times. With many members retired the end of 1996 appeared to be the end of this prolific virus writing group.\n\n### Magazine\n[Vlad](http://vxheaven.org/vx.php?id=zv03)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv05\n"
},
{
"path": "history/groups/VOFCA_Virus_and_Other_Fine_Code_Authors.md",
"content": "---\nlayout: default\ntitle: VOFCA (Virus and Other Fine Code Authors)\npermalink: /history/groups/VOFCA_Virus_and_Other_Fine_Code_Authors/\ntags:\n- cyber\n---\n\n## VOFCA (Virus and Other Fine Code Authors)\n\n### Origin\nUnited States\n\n### Description\nA 1996 addition to the virus writing scene. Several viruses and a de/encryption tool have been released. Member of the [Alliance](http://vxheaven.org/vx.php?id=ga01).\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv06\n"
},
{
"path": "history/groups/VXI_VX_India.md",
"content": "---\nlayout: default\ntitle: VXI (VX India)\npermalink: /history/groups/VXI_VX_India/\ntags:\n- cyber\n---\n\n## VXI (VX India)\n\n### Origin\nIndia\n\n### Description\nOne of the few manifestations of a computer virus scene in India. Exact details about this group are unknown. Unlimited Group's Note: Group Philosophy\n* Learn more and more about operating systems and vulnerabilities\n* Support all true learning taking place in systems programming\n* Not to cause any harm to any innocent people\n* Ensure that viruses which spread in wild only do minimal effects\n* Surpassing limits set by Companies and people\n* To make new friends with similar ideology and attitude\n* To respect all thoughts and views\n* Make viruses which are based on the SIUS principle (read on www.vxi.cjb.net)\n* Have a few checkmates on the AV industry\n* Make aware people that all is not safe and that trust is explicit, not implicit\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv07\n"
},
{
"path": "history/groups/Viper_Viral_Inclined_Programming_Experts_Group.md",
"content": "---\nlayout: default\ntitle: Viper (Viral Inclined Programming Experts Group)\npermalink: /history/groups/Viper_Viral_Inclined_Programming_Experts_Group/\ntags:\n- cyber\n---\n\n## Viper (Viral Inclined Programming Experts Group)\n\n### Origin\nUnited States\n\n### Description\nVirus authoring / writer group responsible for a small number of simple viruses.\n\n### Magazine\n[Anaconda](http://vxheaven.org/vx.php?id=za04)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv02\n"
},
{
"path": "history/groups/ViroGenic_Junkies.md",
"content": "---\nlayout: default\ntitle: ViroGenic Junkies\npermalink: /history/groups/ViroGenic_Junkies/\ntags:\n- cyber\n---\n\n## ViroGenic Junkies\n\n### Origin\nUnknown\n\n### Description\nVirus authoring group that never was. It ended up being a staging area for virus writers in search of a group. Septic and Virus-X from the short lived [JVS (Janus Virus Syndicate)](http://vxheaven.org/vx.php?id=gj00) ended up in [TI (Technological Illusions)](http://vxheaven.org/vx.php?id=gt03) (Virus-X in the mean time has left TI). Mandragore ended up with [DDT (Dichlore Diphenyl Trichloretane)](http://vxheaven.org/vx.php?id=gd03).\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv03\n"
},
{
"path": "history/groups/Virulent_Graffiti.md",
"content": "---\nlayout: default\ntitle: Virulent Graffiti\npermalink: /history/groups/Virulent_Graffiti/\ntags:\n- cyber\n---\n\n## Virulent Graffiti\n\n### Origin\nUnited States\n\n### Description\nVirus authoring group responsible for around 10 viruses.\n\n### Magazine\n[Infectious Disease Magazine](http://vxheaven.org/vx.php?id=zi02)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gv04\n"
},
{
"path": "history/groups/WAVE_World_Association_of_Virus_Enhancement.md",
"content": "---\nlayout: default\ntitle: WAVE (World Association of Virus Enhancement)\npermalink: /history/groups/WAVE_World_Association_of_Virus_Enhancement/\ntags:\n- cyber\n---\n\n## WAVE (World Association of Virus Enhancement)\n\n### Origin\nInternational\n\n### Description\nVirus authoring group that at the end of 1997 emerged from the UHA (United Hackers of Amsterdam) hacking group. No recent activity has been observed.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gw00\n"
},
{
"path": "history/groups/Youths_Against_McAfee.md",
"content": "---\nlayout: default\ntitle: Youths Against McAfee\npermalink: /history/groups/Youths_Against_McAfee/\ntags:\n- cyber\n---\n\n## Youths Against McAfee\n\n### Origin\nUnited States\n\n### Description\nVirus authoring group responsible for around 30 viruses and the [Instant Virus Production Kit](http://vxheaven.org/vx.php?id=ti01).\n\n### Magazine\n[Evolution](http://vxheaven.org/vx.php?id=ze00)\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gy00\n"
},
{
"path": "history/groups/ZeroGravity.md",
"content": "---\nlayout: default\ntitle: ZeroGravity\npermalink: /history/groups/ZeroGravity/\ntags:\n- cyber\n---\n\n## ZeroGravity\n\n### Origin\nInternational\n\n### Description\nRenamed [3C Group (Cyber Criminals Clan)](http://vxheaven.org/vx.php?id=g001) (early 2000). The groups explores both the computer virus and the hacking scene.\n\n### Website\nNone\n\n### Reference\nhttp://vxheaven.org/vx.php?id=gz00\n"
},
{
"path": "history/groups/index.md",
"content": "---\nlayout: default\ntitle: Cyber Groups - CyberTechniques.net\npermalink: /history/groups/\ntags:\n- cyber\n---\n\n## History - Groups\n\nIn Alphabetical Order\n\n* [29A](29A/)\n* [3C Group (Cyber Criminals Clan)](3C_Group_Cyber_Criminals_Clan/)\n* [A.N.O.I. (A New Order of Intelligence)](A_N_O_I_A_New_Order_of_Intelligence/)\n* [Alliance](Alliance/)\n* [Anarkick Systems](Anarkick_Systems/)\n* [ANVX](ANVX/)\n* [ARCV (Association of Really Cruel Viruses)](ARCV_Association_of_Really_Cruel_Viruses/)\n* [ASM (Association of Satanic Maniacs)](ASM_Association_of_Satanic_Maniacs/)\n* [Astigmatizm](Astigmatizm/)\n* [Australian Institute of Hackers](Australian_Institute_of_Hackers/)\n* [AVCR (Amateur Virus Creation & Research Group)](AVCR_Amateur_Virus_Creation_Research_Group/)\n* [AVM (Alternative Virus Mafia)](AVM_Alternative_Virus_Mafia/)\n* [BHA (Badsector Hacking Alliance)](BHA_Badsector_Hacking_Alliance/)\n* [Brigada Ocho](Brigada_Ocho/)\n* [BzZ](BzZ/)\n* [The Codebreakers](The_Codebreakers/)\n* [Computa GangstaZ](Computa_GangstaZ/)\n* [CVC (Corean Virus Club, new)](CVC_Corean_Virus_Club_new/)\n* [CVC (Corean Virus Club, old)](CVC_Corean_Virus_Club_old/)\n* [CVL (Corean Virus Laboratory)](CVL_Corean_Virus_Laboratory/)\n* [Cybernetic Crew](Cybernetic_Crew/)\n* [DAN (Digital Anarchy)](DAN_Digital_Anarchy/)\n* [Dark Conspiracy](Dark_Conspiracy/)\n* [Darkness Sons](Darkness_Sons/)\n* [DDT (Dichlore Diphenyl Trichloretane)](DDT_Dichlore_Diphenyl_Trichloretane/)\n* [Demoralized Youth](Demoralized_Youth/)\n* [Diabolical Kreations](Diabolical_Kreations/)\n* [Diffusion](Diffusion/)\n* [DIVA (Digital Indonesian Vx Authors)](DIVA_Digital_Indonesian_Vx_Authors/)\n* [Divide By Zero](Divide_By_Zero/)\n* [Doom Riderz](Doom_Riderz/)\n* [DVC (Death Virii Crew)](DVC_Death_Virii_Crew/)\n* [DVC (Dutch Virii Community)](DVC_Dutch_Virii_Community/)\n* [Electrical Ordered Freedom](Electrical_Ordered_Freedom/)\n* [Familia](Familia/)\n* [FCF (Fearless Criminal Force, Formater's Cracking Force)](FCF_Fearless_Criminal_Force_Formaters_Cracking_Force/)\n* [FS (Feathered Serpents)](FS_Feathered_Serpents/)\n* [Gedzac](Gedzac/)\n* [Genesis](Genesis/)\n* [Hackerz Networx](Hackerz_Networx/)\n* [Hail and Kill](Hail_and_Kill/)\n* [Hazard](Hazard/)\n* [HCDS](HCDS/)\n* [HTC '95](HTC_95/)\n* [HVM (Hungarian Virus Acade my)](HVM_Hungarian_Virus_Acade_my/)\n* [IKX (International Knowledge eXchange)](IKX_International_Knowledge_eXchange/)\n* [Immortal EAS](Immortal_EAS/)\n* [Immortal Riot](Immortal_Riot/)\n* [Intergang](Intergang/)\n* [Invaders](Invaders/)\n* [IR/G (Immortal Riot/Genesis)](IR_G_Immortal_Riot_Genesis/)\n* [Italian Virus Research Laboratory](Italian_Virus_Research_Laboratory/)\n* [JVS (Janus Virus Syndicate)](JVS_Janus_Virus_Syndicate/)\n* [K.P.V. Team](K_P_V_Team/)\n* [The Kefrens](The_Kefrens/)\n* [LineZer0 VX Team](LineZer0_VX_Team/)\n* [Living Turmoil](Living_Turmoil/)\n* [LT/RSA (Living Turmoil / Ruthless Stealth Angels)](LT_RSA_Living_Turmoil_Ruthless_Stealth_Angels/)\n* [Mandragora](Mandragora/)\n* [Matrix](Matrix/)\n* [Metaphase VX Team](Metaphase_VX_Team/)\n* [Mikee's World](Mikees_World/)\n* [Misdirected Youth](Misdirected_Youth/)\n* [No Mercy](No_Mercy/)\n* [NoP](NoP/)\n* [NuKE](NuKE/)\n* [Phalcon-Skism](Phalcon-Skism/)\n* [Power Empire Virii Faction](Power_Empire_Virii_Faction/)\n* [Power Heap Research](Power_Heap_Research/)\n* [PVW (Pinoy Virus Writers)](PVW_Pinoy_Virus_Writers/)\n* [Rabid](Rabid/)\n* [Ready Rangers Liberation Front](Ready_Rangers_Liberation_Front/)\n* [Rioters](Rioters/)\n* [RSA (Ruthless Stealth Angels)](RSA_Ruthless_Stealth_Angels/)\n* [RVM (Russian Virus Makers)](RVM_Russian_Virus_Makers/)\n* [Sector Infector Inc.](Sector_Infector_Inc/)\n* [SG (Stealth Group; former SG World Wide)](SG_Stealth_Group_former_SG_World_Wide/)\n* [Shadow Dancer Team](Shadow_Dancer_Team/)\n* [ShadowVX Group](ShadowVX_Group/)\n* [Silicium Revolte](Silicium_Revolte/)\n* [Skamwerk Labs](Skamwerk_Labs/)\n* [SLAM](SLAM/)\n* [SMF](SMF/)\n* [SOS (Sign Of Scream)](SOS_Sign_Of_Scream/)\n* [SPS (Scientific Programming Society)](SPS_Scientific_Programming_Society/)\n* [SVAT (Special Viruses And Trojans)](SVAT_Special_Viruses_And_Trojans/)\n* [SVL (Slovak Virus Laboratories)](SVL_Slovak_Virus_Laboratories/)\n* [SVS (Seoul Virus Society)](SVS_Seoul_Virus_Society/)\n* [TAVC (Tula Anti & Viral Club)](TAVC_Tula_Anti_Viral_Club/)\n* [TDJ (The Diabolical Judges)](TDJ_The_Diabolical_Judges/)\n* [Team Necrosis](Team_Necrosis/)\n* [TI (Technological Illusions)](TI_Technological_Illusions/)\n* [TNN (The Narkotic Network)](TNN_The_Narkotic_Network/)\n* [TPVO/OVEL (Taiwan Power Virus Organisation_Organization of Virus Examination Lab](TPVO_OVEL_Taiwan_Power_Virus_Organisation_Organization_of_Virus_Examination_Lab/)\n* [TridenT](TridenT/)\n* [The Trinity](The_Trinity/)\n* [Trinity](Trinity/)\n* [UCSI (Ultimate Chaos Security International)](UCSI_Ultimate_Chaos_Security_International/)\n* [V-Zone (Virus Zone)](V-Zone_Virus_Zone/)\n* [VBB (Virus Bits & Bytes)](VBB_Virus_Bits_Bytes/)\n* [VDV (Verband Deutscher Virenliebhaber (The German Association of Virus Lovers))](VDV_Verband_Deutscher_Virenliebhaber_The_German_Association_of_Virus Lovers/)\n* [Viper (Viral Inclined Programming Experts Group)](Viper_Viral_Inclined_Programming_Experts_Group/)\n* [ViroGenic Junkies](ViroGenic_Junkies/)\n* [Virulent Graffiti](Virulent_Graffiti/)\n* [VLAD (Virus Laboratory And Distribution)](VLAD_Virus_Laboratory_And_Distribution/)\n* [VOFCA (Virus and Other Fine Code Authors)](VOFCA_Virus_and_Other_Fine_Code_Authors/)\n* [VXI (VX India)](VXI_VX_India/)\n* [WAVE (World Association of Virus Enhancement)](WAVE_World_Association_of_Virus_Enhancement/)\n* [Youths Against McAfee](Youths_Against_McAfee/)\n* [ZeroGravity](ZeroGravity/)\n\n"
},
{
"path": "history/index.md",
"content": "---\nlayout: default\ntitle: history\npermalink: /history/\ntags:\n- history\n- cyber\n---\n\n## History\n\n\n\n[Groups](groups/)\n\n[Magazines](magazines/)\n\n\nTimeline: Key events in cyber history\nExplore some of the technological advances that led to cyberspace and examples of notable hacks.\n\n1988\n----\nThe Morris worm - one of the first recognised worms to affect the world's nascent cyber infrastructure - spread around computers largely in the US. The worm used weaknesses in the UNIX system Noun 1 and replicated itself regularly. It slowed down computers to the point of being unusable. The worm was the work of Robert Tapan Morris, who said he was just trying to gauge how big the Internet was. He subsequently became the first person to be convicted under the the US' computer fraud and abuse act. He now works as a professor at MIT.\n\nDECEMBER 2006\n-------------\nNASA was forced to block emails with attachments before shuttle launches out of fear they would be hacked.\n\nBusiness Week reported that the plans for the latest US space launch vehicles were obtained by unknown foreign intruders.\n\nAPRIL 2007\n----------\nEstonian government networks were harassed by a denial of service attack by unknown foreign intruders, following the country's spat with Russia over the removal of a war memorial. Some government online services were temporarily disrupted and online banking was halted.\n\nThe attacks were more like cyber riots than crippling attacks, and the Estonians responded well, relaunching some services within hours or - at most - days.\n\nJUNE 2007\n---------\nThe US Secretary of Defense’s unclassified email account was hacked by unknown foreign intruders as part of a larger series of attacks to access and exploit the Pentagon's networks.\n\nOCTOBER 2007\n------------\nChina’s Ministry of State Security said that foreign hackers, which it claimed 42% came from Taiwan and 25% from the US, had been stealing information from Chinese key areas.\n\nIn 2006, when the China Aerospace Science & Industry Corporation (CASIC) intranet network was surveyed, spywares were found in the computers of classified departments and corporate leaders.\n\nSUMMER 2008\n-----------\nThe databases of both Republican and Democratic presidential campaigns were hacked and downloaded by unknown foreign intruders.\n\nAUGUST 2008\n-----------\nComputer networks in Georgia were hacked by unknown foreign intruders around the time that the country was in conflict with Russia. Graffiti appeared on Georgian government websites.\n\nThere was little or no disruption of services but the hacks did put political pressure on the Georgian government and appeared to be coordinated with Russian military actions.\n\nJANUARY 2009\n------------\nHackers attacked Israel’s internet infrastructure during the January 2009 military offensive in the Gaza Strip. The attack, which focused on government websites, was executed by at least 5,000,000 computers.\n\nIsraeli officials believed the attack was carried out by a criminal organisation based in a former Soviet state, and paid for by Hamas or Hezbollah.\n\nJANUARY 2010\n------------\nA group named the \"Iranian Cyber Army” disrupted the service of the popular Chinese search engine Baidu. Users were redirected to a page showing an Iranian political message.\n\nThe same “Iranian Cyber Army” had hacked into Twitter the previous December, with a similar message.\n\nOCTOBER 2010\n------------\nStuxnet, a complex piece of malware designed to interfere with Siemens industrial control systems, was discovered in Iran, Indonesia, and elsewhere, leading to speculation that it was a government cyber weapon aimed at the Iranian nuclear programme.\n\nJANUARY 2011\n------------\nThe Canadian government reported a major cyber attack against its agencies, including Defence Research and Development Canada, a research agency for Canada's Department of National Defence.\n\nThe attack forced the Finance Department and Treasury Board, Canada’s main economic agencies, to disconnect from the Internet.\n\nJULY 2011\n---------\nIn a speech unveiling the Department of Defense’s cyber strategy, the US Deputy Secretary of Defense mentioned that a defense contractor was hacked and 24,000 files from the Department of Defense were stolen.\n\nOCTOBER 2012\n------------\nThe Russian firm Kaspersky discovered a worldwide cyber-attack dubbed “Red October,” that had been operating since at least 2007.\n\nHackers gathered information through vulnerabilities in Microsoft’s Word and Excel programmes. The primary targets of the attack appear to be countries in Eastern Europe, the former USSR and Central Asia, although Western Europe and North America reported victims as well.\n\nThe virus collected information from government embassies, research firms, military installations, energy providers, nuclear and other critical infrastructures.\n\nMARCH 2013\n----------\nSouth Korean financial institutions as well as the Korean broadcaster YTN had their networks infected in an incident said to resemble past cyber efforts by North Korea.\n\nJUNE 2013\n---------\nIn their first-ever meeting dedicated to cyber defence on Tuesday (June 4), NATO Defence Ministers agreed that the Alliance’s cyber-defence capability should be fully operational by the autumn, extending protection to all the networks owned and operated by the Alliance.\n\nOCTOBER 2013\n------------\nNCIRC Upgrade - The NATO Computer Incident Response Capability (NCIRC) upgrade project, a 58 Million euro enhancement of NATO cyber defences, is on track for completion by the end of October 2013. This major capability milestone will help NATO to better protect its networks from the increasing number of cyber attacks against the Alliance's information systems.\n\n\n1943-1944\n---------\n\nHistory\n-------\nThe digital era jumped ahead with the creation of Colossus, the first programmable digital machine. Though limited compared to later computers, Colossus played a pivotal role in code breaking during World War II. In effect, the British developed the first digital machine to hack German codes.\nThe National Museum of Computer: Colossus\nColossus: The first large-scale electronic computer\n1961-1962\n\nHistory\n-------\nKey steps in the history of global computer networks came when Leonard Kleinrock at MIT published the first paper on packet switching theory in July 1961, and the next year when J.C.R. Licklider, also at MIT, wrote a series of memos spelling out his ideas for a \"Galactic Network\" in which people could access data from anywhere.\nInternet Society: Origins of the Internet\n1967-1969\n\nHistory\n-------\nThe Advanced Research Projects Agency, later known as DARPA, accelerated work on what was initially dubbed ARPANET and eventually came to be known as the Internet. The first ARPANET message was sent at 10:30 p.m. on Oct. 29, 1969.\nInternet Society: Oirginal Internet concepts\nStanford Research Institute: Celebrating the first ARPANET transmission\n1971\n\nHistory\n-------\nIntel released the first integrated microprocessor, a major leap forward in the history of the computer. It had 2,300 transistors and processed 60,000 instructions per second.\n1982\n\nHack\n----\nNational security officials in the United States launched one of the world's first cyberattacks on another country: the Soviet Union. U.S. officials heard, through a KGB source named Farewell, that the Soviets intended to buy computer equipment through a front company to operate a gas pipeline. U.S. agents altered the software, which later caused the pipeline to explode.\nCIA: The Farewell Dossier\nAt the Abyss: An Insider's History of the Cold War (book)\n1986-1987\n\nHack\n----\nIn 1986 and 1987, a physics researcher at the University of California at Berkeley uncovered a global hack of academic, military and government computers in the United States. Chronicled later in the book “The Cuckoo's Egg,” it was the first investigation of its kind, and it revealed online hacker threats spread around the globe.\nWikipedia: The Cuckoo's Egg\n1988\n\nHack\n----\nThe first \"worm\" attack occurred on the Internet. A Cornell University student named Robert Tappan Morris released several dozen lines of code, which replicated wildly and hit thousands of computers hard. It stopped about 10 percent of the 88,000 computers linked to the Internet at the time.\nThe What, Why, and How of the 1988 Internet Worm\nCERT: Security of the Internet\n1990\n\nHistory\n-------\nARPANET became an operation network known as the Internet. About 2.6 million people around the globe had access.\n1994\n\nHack\n----\nAnonymous hackers repeatedly attacked the Air Force's Rome Laboratory in New York, underscoring the threat to military systems. Investigators discovered that a British teenager and an Israeli technician had used phone systems and networks in eight countries to cloak their attacks on numerous military and government computer systems.\nGAO (PDF): Computer attacks at the Department of Defense pose increasing risks\n1997\n\nHack\n----\nThe Pentagon's first \"information warfare\" exercise, known as Eligible Receiver, found that industrial and information systems throughout the United States are vulnerable to cyberattacks from hackers using readily available technology and software. Specialists said it appeared as though simulated attacks on power and communications networks in Oahu, Hawaii; Los Angeles; Colorado Springs, Colo.; Washington, D.C.; and elsewhere succeeded with ease.\nCongressional Research Service report (PDF): Cyberwarfare\n2003\n\nHistory\n-------\nThe amount of digital information created by computers, cameras and other data systems this year surpassed the amount of all information created in human history, according to studies by International Data Corp. and EMC.\nNovember 2003\n\nHack\n----\nHackers apparently supported by China attacked military and government systems in the United States with impunity, making off with terabytes of data. The attacks were dubbed Titan Rain by officials in the United States.\nWashington Post: Hackers attack via Chinese Web sites\nMay 2007\n\nHack\n----\nDuring a dispute between Estonia and Russia, hackers launched massive attacks on Estonian government agencies, banks, newspapers and other organization, using networks of computers to shut down Estonian systems online. Some analysts, blaming Russia, asserted the attacks represent one of the first instances of cyberwar.\nWired: Kremlin Kids: We launched the Estonian cyber war\n2008\n\nHistory\n-------\nCyberspace accelerated its expansion, with the number of devices connected to the Internet exceeding the number of people on Earth for the first time. That number hit an estimated 12.5 billion in 2010, according to a researcher at Cisco who predicted it will rise to 50 billion in 2020. Hundreds of millions of new Internet users also sign on, many millions of them via mobile phones and other portable devices.\nNovember 2008\n\nHack\n----\nThe most significant breach of U.S. computer security occurred, apparently when someone working with the Pentagon's Central Command inserted an infected flash drive into a military laptop computer at a base in the Middle East. The case was code named Buckshot Yankee. \"The flash drive’s malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control,\" a senior U.S. official later wrote in Foreign Affairs magazine.\nWashington Post: Cyber-intruder sparks massive federal response\nMarch 2009\n\nHack\n----\nCanadian researchers identified a Chinese espionage network operating on government computer systems in 103 countries, making it the largest operation of its kind ever publicly identified. The researchers dubbed the system GhostNet.\nNew York Times: Vast spy system loots computers in 103 countries\nDecember 2009\n\nHack\n----\nCommunications links with U.S. drones were hacked by Iraqi insurgents, who used laptop computers and inexpensive software. The hack apparently enabled the insurgents to see video images the drone was recording.\nJanuary 2010\n\nHack\n----\nGoogle announced that it and dozens of other companies were the focus of a \"highly sophisticated and targeted attack\" originating from China. The attack resulted in a huge amount of data being stolen. It was later dubbed Operation Aurora.\nFebruary 2010\n\nHistory\n-------\nThe number of Internet users topped 2 billion. The Defense Department said that although \"it is a man-made domain, cyberspace is now as relevant a domain for DoD activities as the naturally occurring domains of land, sea, air and space.”\nJuly 2010\n\nHack\n----\nResearchers discovered the most sophisticated cyberweapon ever to be made public. A \"worm\" known as Stuxnet, it was designed to seek out certain industrial control systems made by Siemens. Stuxnet took advantage of four zero-day vulnerabilities and appeared to be targeted at a uranium enrichment program in Iran. Specialists said it appeared to have a devastating effect, destroying or damaging hundreds of centrifuges. The New York Times reported that President Obama approved the operation as part of a secret U.S.-Israeli cyberwar campaign against Iran begun under the Bush administration.\nNovember 2010\n\nHistory\n-------\nA group of the nation's top scientists concluded in a report to the Pentagon that \"the cyber-universe is complex well beyond anyone’s understanding and exhibits behavior that no one predicted, and sometimes can’t even be explained well.\" The scientists, part of a Pentagon advisory group called JASON, said, \"Our current security approaches have had limited success and have become an arms race with our adversaries. In order to achieve security breakthroughs we need a more fundamental understanding of the science of cyber-security.\"\nMay 2011\n\nHack\n----\nSony told Congress that hackers had penetrated the PlayStation network, stealing or misusing the personal information of at least 77 million users. Sony estimated that fallout from the hack cost at least $170 million. It appeared as though criminals masqueraded as members of the anarchist-activist group known as Anonymous.\nMarch 2012\n\nHack\n----\nGen. Keith Alexander, commander of U.S. Cyber Command, blamed China for taking \"astounding\" amounts of intellectual propery and for the hack last year of security giant RSA. In testimony before a congressional panel, Alexander hinted at military reprisals. \"We reserve the right to use all necessary means — diplomatic, informational, military, and economic — as appropriate and consistent with applicable international law,\" Alexander testified.\n\n### References\n* http://www.washingtonpost.com/wp-srv/special/investigative/zeroday/cyber-history-timeline/\n* http://www.nato.int/docu/review/2013/cyber/timeline/EN/index.htm\n"
},
{
"path": "history/magazines/index.md",
"content": "---\nlayout: default\ntitle: Cyber Techniques\npermalink: /history/magazines/\ntags:\n- history\n- magazines\n- cyber\n---\n\n\nHistory - Magazines\n===================\n"
},
{
"path": "index.md",
"content": "---\nlayout: default\ntitle: Cyber Techniques\npermalink: /\ntags:\n- cybertechniques\n- cyber\n---\n\n# Cyber Techniques\n\n### A collaborative exploration\n\n
\n\n## Welcome to the Cyber Techniques website www.cybertechniques.net\n\nOur site and content has been designed to be easily modified and updated\n * See the [contribute section](#contribute) below for more information\n\nI have started this site as a result of work in my masters degree program in Cyber Security.\nWith only knowing a small part of the overall big picture I hope to get others to contribute information to this group.\n\n\nThis site was created to contain a compilation of various material related to different cyber techniques that either have existed in the past, that currently exist, or that could exist in the future.\n\n\nI created this site to contain information which can help people explore various cyber techniques, something that I have found difficult to do while going through my Cyber Security education because there is currently no good compilation of material on this topic.\n\n\nBy compiling a vast amount of information in one place one would ask if this collection of information could be used for more bad than good. The answer is simple, yes. It is no different than anything else. Information on cyber techniques isn't easy to find. Partly due to the fact that that this is a new and evolving area. I think it is also due to people trying to hide this information thinking that making this type of information difficult to find will make things better. I think this makes a good introduction into [obfuscation](techniques/obfuscation/). I believe that information related to cyber techniques should be well known to everyone. Just because it is hard to find information on a particular topic doesn't mean that information cant be obtained, it just takes longer to find what you are looking for. That means it is harder for everyone to find and learn about this evolving topic. Making this information readily available I hope to start to break down the walls between the hidden techniques commonly used by crackers and expose them to researchers, hackers, and others wanting to learn how to overcome threats now and in the future. I want this to be a place where information can be shared, contributed to, disected, and built upon.\n\nThe main reason why I am integrating this site and github together is so that it will be easy for anyone to help contribute, share, and use information related to various cyber techniques. Hopefully this will help in some way to keep us ahead of the many cyber threats that exist today and the many that will continually be exposed over the upcoming years.\n\n\nMy goal is not to reduplicate information that is already readily available but to take existing information and archive it for historical and learning purposes in the future.\nBy not reduplicating efforts that have already been done we can focus our efforts on learning and implementing protections for current or future problems.\n\n\n## Definitions\n\n### What is cyber?\nThe definition of cyber is: of, relating to, or characteristic of the culture of computers, information technology, and virtual reality.\nCyber can relate to anything electronic, digital, wired, virtual, internet, or network related.\n\n\n### What are cyber techniques?\nI am using cyber techniques to describe what techniques are used in the cyber realm\nYou can take a look at the [techniques page](techniques/) for more information\n\nCyber techniques can be used for both bad and good\n\nBefore looking at some of the software related cyber techniques it may be a good idea to review or go over some of the [Assembly Language](assembly/) tutorials provided here. You can also take a look at the [assembly language quick links](#assembly-language-quick-links)\n\nA big focus area today is: Cyber Threats\nDifferent cyber techniques are implemented which help to create:\n * [Malware](malware/)\n * [Social Attacks](#) \\(No content available yet\\)\n * [Computer Attacks](#) \\(No content available yet\\)\n * [Cloud Attacks](#) \\(No content available yet\\)\n * [Infrastructure Attacks](#) \\(No content available yet\\)\n\n## Assembly Language Quick Links\n * The use of assembly language is common in the various cyber threats. See the links below for more information.\n * [Main Page](assembly/)\n * [Windows x86](assembly/windows/x86/)\n * [Windows x64](assembly/windows/x64/)\n * [Linux x32](assembly/linux/x86/)\n * [Linux x64](assembly/linux/x64/)\n\n\n## History\n[History](history/)\n\n\n## Analysis Tools\n[Link](analysis_tools/)\n\n## Archiver Tool\nThe archiver tools is not yet available but is a web based tool that will allow a user to archive a sites page & associated content at a given url\n[Link](#)\n\n## Contribute\n * Our site is hosted on Amazon.\n * The site repository is located at: [Github](http://site.cybertechniques.net)\n * Our code is hosted on github\n * The techniques code repository is located at: [Github](http://code.cybertechniques.net)\n * The threats code repository is located at: [Github](http://threats.cybertechniques.net)\n\n### Repository Layout\nIn order to keep the repository checkout process simple and small in size all examples will be contained in separate sub repositories listed under the Cyber Threats group\n * You should use the following form which is prefixed with example and separated by a hyphen(-) where you have a new folder:\n upx obfuscation example:\n example-techniques-obfuscation-packing-upx\n\n## Policies\nIn order to prevent abuse using content from this site I have a running list below of unacceptable items that will not be permitted in any of the repositories and are listed in alphabetical order (linked content using the [Archiver Tool](#archiver-tool) is acceptable though):\n * binaries (except for free / opensource analysis tools)\n * must be validatable by a known good chacksum\n * once available, the binary must include a snapshot of the known good checksum using the archiver tool for historical purposes\n * stolen information (includes)\n * proprietary information\n * information not for public release\n\n## Contact\nSomone can be reached at: contact@cybertechniques.net\n"
},
{
"path": "malware/index.md",
"content": "---\nlayout: default\ntitle: Cyber Techniques\npermalink: /malware/\ntags:\n- malware\n---\n\n# Malware\n\n### What is malware?\n\n\n### Where can I find real malware samples?\nI have no intention of storing real live malware samples in this repository. Only malware source code will be permitted.\n\n### Real Samples\nIn alphabetical order\n\nSite Name | URL\n-------------------- | --------------------\nLuxembourg CERT | https://malware.lu\nVirusShare | https://virusshare.com\n\n\n"
},
{
"path": "scripts/change_extension.sh",
"content": "for f in *.html; do\n mv \"$f\" \"$(basename \"$f\" .html).zip\"\ndone\n"
},
{
"path": "scripts/create_dirs.sh",
"content": "#!/bin/bash\nfor f in *.zip; do\n mkdir malware-source-${f%%.*}\ndone\n"
},
{
"path": "scripts/mv_files.sh",
"content": "#!/bin/bash\nfor f in *.zip; do\n mv $f ../malware-source-${f%%.*}/\ndone\n"
},
{
"path": "techniques/index.md",
"content": "---\nlayout: default\ntitle: Cyber Techniques\npermalink: /techniques/\ntags:\n- cybertechniques\n---\n\nIn order to learn about different techniques that can be used in the creation of cyber threats I have created sections for various cyber techniques\n\nTechnique | Location\n-------------------- | --------------------\nObfucation | [techniques/obfuscation/{name}](obfuscation/)\n"
},
{
"path": "techniques/obfuscation/code_integration/index.md",
"content": "---\nlayout: default\ntitle: Code Integration\npermalink: /techniques/obfuscation/code_integration/\ntags:\n- code integration\n- obfuscation\n- techniques\n---\n\nObfuscation - Code Integration\n==============================\n"
},
{
"path": "techniques/obfuscation/code_transposition/index.md",
"content": "---\nlayout: default\ntitle: Code Integration\npermalink: /techniques/obfuscation/code_transposition/\ntags:\n- code transposition\n- obfuscation\n- techniques\n---\n\nObfuscation - Code Transposition\n================================\n"
},
{
"path": "techniques/obfuscation/dead_code/index.md",
"content": "---\nlayout: default\ntitle: Dead Code\npermalink: /techniques/obfuscation/dead_code/\ntags:\n- dead code\n- obfuscation\n- techniques\n---\n\nObfuscation - Dead Code\n=======================\n"
},
{
"path": "techniques/obfuscation/encryption/common_encrypters/index.md",
"content": "---\nlayout: default\ntitle: Common Encrypters\npermalink: /techniques/obfuscation/encryption/common_encrypters/\ntags:\n- common encrypters\n- obfuscation\n- techniques\n---\n\nCrypter / Protector\n===================\n\nCommon Encrypters:\n------------------\n\n * ARM Protector\n * HOME\n * Not Available\n * DESC\n * ARM Protector is a Windows Portable Executable (PE) file protector and cryptor against reverse engineering (cracking, debugging and other illegal modifications). It has some nice protection options.\n\n * PESpin\n * HOME\n * http://www.pespin.com/\n * DESC\n * PESpin is a simple PE protector, compressor coded in Win32ASM using MASM. Utilizes aPlib as compression library\n\n * PECRYPT32\n * HOME\n * Not Available\n\n * PE-PROTECTOR\n * HOME\n * Not Available\n * DESC\n * PE-PROTECTOR is a encrypter/protector for Windows 9x/ME to protect executable files PE against reverse engineering or cracking with a very strong protection. Features anti-debugger, anti-disassembler, anti-generic dumper, anti-VxD dumper, anti-FrogsICE, anti-Monitors, anti-API spy and many more advanced techniques.\n\n * CodeCrypt\n * HOME\n * Not Available\n\n * tELOCK\n * HOME\n * Not Available\n\n * PEncrypt\n * HOME\n * Not Available\n\n * ELFCrypt\n * HOME\n * https://web.archive.org/web/20071216172051/http://www.infogreg.com/source-code/public-domain/elfcrypt-v1.0.html\n * DESC\n * It's supposed to encrypt the .code section (.text, in most cases) and decrypts itself at run-time.\n\n * Ding Boy's PE-Lock\n * HOME\n * Not Available\n * DESC\n * A PE crypter with definable start message, restrictive runtimes, and restrictive dates.\n\n * Yoda’s Crypter\n * HOME\n * http://sourceforge.net/projects/yodap/files/\n\n * yoda's Protector by yoda & Ashkbiz Danehkar\n * HOME\n * http://sourceforge.net/projects/yodap/files/\n\n * NFO (Based on yoda's crypter)\n * HOME\n * Not Available\n\n * PeX\n * HOME\n * Not Available\n\n * PCPEC\n * HOME\n * Not Available\n\n * PE-SHIELD\n * HOME\n * Not Available\n\n * PELOCKnt\n * HOME\n * Not Available\n\n * PE-ENCRYPTOR\n * HOME\n * Not Available\n\n * VGCrypt\n * HOME\n * Not Available\n\n * NoodleCrypt\n * HOME\n * Not Available\n\n * LameCrypt\n * HOME\n * Not Available\n\n * PE password protector\n * HOME\n * Not Available\n"
},
{
"path": "techniques/obfuscation/encryption/index.md",
"content": "---\nlayout: default\ntitle: Encryption\npermalink: /techniques/obfuscation/encryption/\ntags:\n- encryption\n- obfuscation\n- techniques\n- xor\n---\n\nObfuscation - Encryption\n========================\n\nWhat is encryption?\n-------------------\nEncryption is used to protect the confidentiality of digital data that is stored on electronic systems or transmitted via electronic means.\n\nXOR Tutorial\n------------\nWe will first look at a simple encryption xor example\n[XOR Encryption Example](http://code.cybertechniques.net/example-techniques-obfuscation-encryption-xor/)\n\nCommon Encrypters\n-----------------\n[Click For List](common_encrypters/)\n"
},
{
"path": "techniques/obfuscation/index.md",
"content": "---\nlayout: default\ntitle: Cyber Techniques\npermalink: /techniques/obfuscation/\ntags:\n- cybertechniques\n---\n\nObfuscation Techniques\n======================\n\nWhat is Obfuscation?\n-----------------------\nObfuscation is the deliberate addition of ambiguous, confuscing, or misleading information to interfere with surveillance and data collection.\nThe concept of obfuscation is simple but there are many use cases for obfuscation.\nObfuscation is the production of noise modeled on an existing signal in order to make a collection of data more ambigious, confusing, harder to exploit, more difficult to act on, and therefore less valuable.\nObfuscation can be compared to a safe. A safe is not invincible. A fire safe is rated in hours. It is vulnerable to the same hazards, the only difference is that it was built specifically to help protect its contents. Obfucation provides the same function. It is also vulnerable, its purpose is to just protect its contents that it was made to protect.\n\nObfuscation is a tool that is particularly well suited for people without access to other modes of recourse. This doesn't have to be a particular case, but it can be the case in general. What does this mean? It means that if you are on the weak side of a power play relationship that you will most likely be the one who turns to obfuscation first. It is much easier and cheaper to implement or use obfuscation in certain scenarios than to implement larger more robust solutions.\nDoes this mean that it isn't used by the powerful players. No, it is used by anyone and everyone. Obfuscation is just as successful at what it can provide regardless of the person using it given a solid implementation.\nWe can see examples where actors even at the country level commonly use obfuscation techniques.\nOne example is the 2011 Russian parliamentary elections.\nAnother was seen during the Mexican election.\n\nObfuscation can fool people but not machines. Since obfuscation can't fully protect anything, it can only help obscure things, or make it harder for humans to figure out what is really happening.\n\nThe film Spartacus is another example that shows the use of Obfuscation. Here obfuscation can be seen where instead of just one individual saying that they are Spartacus, there are many individuals all claiming to be Spartacus. This shows that as it is not impossible to find the real person who is the Spartacus they are looking for, it still takes time to filter out all of the unwanted results, thus giving extra time for the real Spartacus to escape.\n\nIn another instance, the company Uber sent large amounts of orders for rides to Gett drivers and then would cancel the orders shortly before the drivers got there. In this case Uber, would then offer the Gett drivers better jobs to switch to Uber. Since the Gett drivers were tired of losting money from Gett they would switch to uber. The obfuscation in this case was a result of all of the fake request that were sent by Uber.\n\nAnother example shows us that works of writing can be obfuscated. It is possible that with the use of computers it is now possible to collect enough text from users that a computer can map a piece of text to a user based on the user's writing style based on a pool of known users and their writings.\nThis type of detection is called stylometry and in order to evade this collection technique you can use obfuscation to vary the writing style of text so that a text style cant be traced back to a specific user. An example of a solution to this type of obfuscation is called Anonymouth.\n\nDo you ever feel like you are being watched when you browse the internet? If so it is because you are. Through the use of cookies, sites such as ad companies are able to track what sites you visit which in turn can then help to target certain ads for display in your internet browser.\nHow can you avoid this? One method that has been used is called the cookie collector. The cookie collector takes cookies from different people and swaps their cookies. This in effect changes the user experience that the users will have when browsing and will confuse the adsense system.\n\nThere are many good use cases for obfuscation. In no other time in history has there been so much data amassed about each on of us as now. All of this data is commonly referred to as Big Data. Big Data has many aspects that are commonly associated with it. Anything from analytics, data aggregation, and predictive modeling. Much of the data is this anonymized isnt truly anonymous. The problem comes from the fact that oftentimes data standing in its singular form is anonymous. The problem is that once you combine multiple singular anonymous data sets, the data often times change from anonymous data to data that clearly identifies relationships between the different anonymouse files.\n\n\nMany forms of obfuscation work best as a way to buy time until something else happens. Obfuscation may only be able to get you a small amount of time as in minutes, hours, days, and if your lucky years. Even though it may not provide much extra time, sometimes a few minutes is all you need.\n\n\n[//]: # (## Interesting points)\n[//]: # (Where does a wise man hide a leaf? In the forest. But what does he do if there is no forest? ... He grows a forest to hide it in.)\n\n\n## Computer related obfuscation techniques\n\n| Obfuscation Technique | Advantage |\n| --------------------------------------------- | ------------------------------------------------------------------------------------ |\n| Packing | Saves memory and bandwidth |\n| Encryption | Simple implementation multiple layers of encryption is more effective |\n| Oligmorphism | More effective than encryption since the decryptor can change |\n| Polymorphism | Became the successor to oligmorphism, and is still an effective technique |\n| Metamorphism | Much more effective than other current obfuscation techniques |\n| Stealthy code obfuscation technique | New idea / implementation, Could easily defeat antimalware scanners in the beginning |\n| Dead code insertion | Simple, changes program appearance |\n| Register reassignment | Simple technique without having to change the program code |\n| Subroutine reordering | Can be effective but not as effective as other techniques |\n| Instruction substitution | Can replace routines like xor with sub and mov instructions for harder detection |\n| Code transposition | Reorders instructions without having an impact on program behavior |\n| Code integration | This technique can make detection and recovery difficult |\n\n\n___\n\n\n### Packing\n\n#### Overview\n\n\n#### Link\n* [packing](packing/)\n\n___\n\n### Encryption\n\n#### Overview\n\n\n#### Link\n* [encryption](encryption/)\n\n___\n\n### Oligamorphism\n\n#### Overview\nOligamorphism is where the decoder is changed for every instance of infection. It can still be detected by its signature, as there is a limit to the number of replications a decoder can make of itself.
\n\n#### Link\n* [oligamorphism](oligamorphism/)\n\n___\n\n### Polymorphism\n\n#### Overview\nPolymorphism is an advancement on oligomorphic malware, this generates infinite number of decoders by using different obfuscation techniques. The basic function of polymorphic malware remains the same each time it is decoded, only the obfuscation changes. Depending on the conditions, polymorphic code also has the ability to re-write itself, further complicating detection.
\n\n#### Link\n* [polymorphism](polymorphism/)\n\n___\n\n### Metamorphism\n\n#### Overview\nMetamorhpism is when code is re-written every time it is replicated, making each instance different from its previous once. This prevents detection by removing the potential for common signatures within a particular malware variant.
\n\n#### Link\n* [metamorphism](metamorphism/)\n\n___\n\n### Stealthy Code\n\n#### Overview\n\n\n#### Link\n* [stealthy code](stealthy_code/)\n\n___\n\n### Dead Code\n\n#### Overview\nDead code is the insertion of No Operation Performed (NOP) code; this code serves no function but is written in a way that complicates analysis.
\n\n#### Link\n* [dead code](dead_code/)\n\n___\n\n### Register Reassignment\n\n#### Overview\nRegister reassignment replaces the unused registers with malware code registersis; the program code and its behaviour remains the same.
\n\n#### Link\n* [register reassignment](register_reassignment/)\n\n___\n\n### Subroutine Ordering\n\n#### Overview\nSubroutine ordering randomly changes the order of subroutines in the program, creating different malware signatures for every variation of subroutines.
\n\n#### Link\n* [subroutine ordering](subroutine_ordering/)\n\n___\n\n### Instruction Substitution\n\n#### Overview\nInstruction substitution replaces some of the code statements with the equivalent statements.
\n\n#### Link\n* [instruction substitution](instruction_substitution/)\n\n___\n\n### Code Transposition\n\n#### Overview\nCode transposition changes the order of instructions by using statements which alters the code from its native form; this is achieved in two ways: by using unconditional branch statements, or by reordering the independent instructions, which is difficult to implement and harder to identify the malware.
\n\n#### Link\n* [code transposition](code_transposition/)\n\n___\n\n### Code Integration\n\n#### Overview\nCode integration inserts a new brief into the benign source code from a program inorder to run the code malicious.
\n\n#### Link\n* [code integration](code_integration/)\n\n___\n\n### References\nhttps://www.cert.gov.uk/wp-content/uploads/2014/11/Code-obfuscation.pdf\n\n"
},
{
"path": "techniques/obfuscation/instruction_substitution/index.md",
"content": "---\nlayout: default\ntitle: Instruction Substitution\npermalink: /techniques/obfuscation/instruction_substitution/\ntags:\n- instruction substitution\n- obfuscation\n- techniques\n---\n\nObfuscation - Instruction Substitution\n======================================\n"
},
{
"path": "techniques/obfuscation/metamorphism/index.md",
"content": "---\nlayout: default\ntitle: Metamorphism\npermalink: /techniques/obfuscation/metamorphism/\ntags:\n- metamorphism\n- obfuscation\n- techniques\n---\n\nObfuscation - Metamorphism\n==========================\n"
},
{
"path": "techniques/obfuscation/oligamorphism/index.md",
"content": "---\nlayout: default\ntitle: Oligamorphism\npermalink: /techniques/obfuscation/oligamorphism/\ntags:\n- oligamorphism\n- obfuscation\n- techniques\n---\n\nObfuscation - Oligamorphism\n===========================\n"
},
{
"path": "techniques/obfuscation/packing/index.md",
"content": "---\nlayout: default\ntitle: Packing\npermalink: /techniques/obfuscation/packing/\ntags:\n- packing\n- obfuscation\n- techniques\n---\n\nObfuscation - Packing\n=====================\n\nIntroduction\n------------\n\n### What is packing?\n\nA packer helps to reduce the physical size of an executable by using a compression technology. A decompression stub is usually then attached, parasitically, to the executable. At runtime, the decompression stub expands the original application and transfers control to the original entry point.\n\n#### Common packers:\nFree\n\n * UPX\n * HOME\n * http://upx.sourceforge.net/\n * DESC\n * UPX is a free, portable, extendable, high-performance executable packer supporting multiple executable formats\n * EXAMPLE\n * [Link](http://code.cybertechniques.net/example-techniques-obfuscation-packing-upx/)\n * UNPACKING\n\n * Morphine\n * HOME\n * http://www.delphibasics.info/home/delphibasicscounterstrikewireleases/polymorphiccrypter-morphine27byholyfather\n * DESC\n * UNPACKING\n * http://www.joestewart.org/morphine-dll/\n\n * Mew\n * HOME\n * https://web.archive.org/web/20070204142739/http://northfox.uw.hu/down/mew11.zip\n * DESC\n * Mew is an exe-packer program, based on LZMA and ApPack methods, written in MASM 32 and Visual C++ by Northfox. Originaly it was designed for small files (4k,64k intros), but it supports bigger files too. With one of the best compression ratio.\n\n * Packman\n * HOME\n * http://packmanpacker.sourceforge.net/\n * DESC\n * Packman is a 32bit Windows Portable Executable image packer. It will take an existing executable and compress it into a form that runs exactly like the original. The main goal of the program is to give the user detailed control over the packing process.\n\n * exe32pack\n * HOME\n * http://www.woodmann.com/forum/showthread.php?5035-exe32pack-unpacker-dumper-with-source\n * DESC\n * Packs win32 executables and dynamically expands them upon execution. Helps protect executables against tampering.\n * SOURCE\n * http://www.woodmann.com/forum/attachment.php?attachmentid=885&d=1076532697\n\n * EZIP\n * HOME\n * DESC\n * SOURCE\n * UNPACKING\n * http://comcrazy.net76.net/REA/Manual%20unpacking%20EZIP%201.0.htm\n\n * PE-PaCK\n * HOME\n * DESC\n * Quote: I have compared PEPACK to all the other PE packers I know off: PETITE, PECRYPT, WWPACK32, SHRINKER, STNPEE... And I can proudly say, that PEPACK beats up all of them.\n * SOURCE\n * UNPACKING\n\n * FSG\n * HOME\n * Not working - http://www.woodmann.net/bart/download.php?id=xt_fsg20.zip\n\n * cExe\n * HOME\n * http://www.scottlu.com/Content/CExe.html\n * DESC\n * Compress any executable! With CExe, you can compress any executable and make it significantly smaller and still fully functional. This is useful for sending executables in email, downloading executables over the net, fitting executables on floppies, etc. CExe can compress Win32 executables, Win16 executables, OS/2 executables, WinNT Posix executables... the output format is *always* Win32 executable format\n\n * PE Diminisher\n * HOME\n * Not Available\n * DESC\n * PE Diminisher is a simple PE packer. Just run it, open the file you want to pack, and select Encrypt File! This software was written in learning purpose only. Nice GUI.\n\n\n"
},
{
"path": "techniques/obfuscation/polymorphism/index.md",
"content": "---\nlayout: default\ntitle: Polymorphism\npermalink: /techniques/obfuscation/polymorphism/\ntags:\n- polymorphism\n- obfuscation\n- techniques\n---\n\nObfuscation - Polymorphism\n==========================\n"
},
{
"path": "techniques/obfuscation/register_reassignment/index.md",
"content": "---\nlayout: default\ntitle: Register Reassignment\npermalink: /techniques/obfuscation/register_reassignment/\ntags:\n- register reassignment\n- obfuscation\n- techniques\n---\n\nObfuscation - Register Reassignment\n===================================\n"
},
{
"path": "techniques/obfuscation/stealthy_code/index.md",
"content": "---\nlayout: default\ntitle: Stealthy Code\npermalink: /techniques/obfuscation/stealthy_code/\ntags:\n- stealthy code\n- obfuscation\n- techniques\n---\n\nObfuscation - Stealthy Code\n===========================\n"
},
{
"path": "techniques/obfuscation/subroutine_ordering/index.md",
"content": "---\nlayout: default\ntitle: Subroutine Ordering\npermalink: /techniques/obfuscation/subroutine_ordering/\ntags:\n- subroutine ordering\n- obfuscation\n- techniques\n---\n\nObfuscation - Subroutine Ordering\n=================================\n"
}
]