In this series, Talos releases open-source tools, along with insights, tips, and enhancements to help cybersecurity researchers work smarter and more effectively.
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM interface.
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
EvidenceForge generates high-quality, realistic, and consistent datasets across multiple log formats, enabling teams to effectively train personnel and validate detection models without the need for complex manual simulations.
AI-powered honeypots: Turning the tables on malicious AI agents
Just as AI brings time-saving advantages to our lives, it brings similar advantages to threat actors. We can take the advantage back. This blog shows how generative AI can be used to rapidly deploy adaptive honeypot systems.
Transparent COM instrumentation for malware analysis
In this article, Cisco Talos presents DispatchLogger, a new open-source tool that delivers high visibility into late-bound IDispatch COM object interactions via transparent proxy interception.
Do robots dream of secure networking? Teaching cybersecurity to AI systems
This blog demonstrates a proof of concept using LangChain and OpenAI, integrated with Cisco Umbrella API, to provide AI agents with real-time threat intelligence for evaluating domain dispositions.
Dynamic binary instrumentation (DBI) with DynamoRio
Learn how to build your own dynamic binary instrumentation (DBI) tool with open-source DynamoRIO to enable malware analysis, security auditing, reverse engineering, and more.