Flashmingo, a tool that detects Adobe Flash vulnerabilities, is now available
Despite the fact that Adobe Flash is set to be completely deprecated by 2020, it won't be going away any time soon, especially from legacy web content built with it in mind. In order to ensure security to counter malicious actors discovering exploits for the foreseeable future, the developers behind FireEye have created and released an open source tool called FLASHMINGO.
Flashmingo automatically parses and analyzes .swf files used in Adobe Flash Player for vulnerabilities. It can work as an independent part of an analyst's workflow or as part of a library. It's extendible via Python plugins, enabling further custom functionality to be further tooled to the needs of your workflow or analysis.
In the words of FireEye in its conclusion to the post announcing Flashmingo's release:
"Flashmingo provides malware analysts a flexible framework to quickly deal with these pesky Flash samples without getting bogged down in the intricacies of the execution environment and file format."
Flashmingo is available now via GitHub.
- Free • Open Source
FLASHMINGO is an analysis framework for SWF files. The tool automatically triages suspicious Flash files and guides the further analysis process, freeing precious resources in your team. You can easily incorporate FLASHMINGO’s analysis modules into your workflow.