FireEye Releases Open Source Flash File Analysis Tool
Security company FireEye releases an open source tool for analyzing Flash files. Researchers and developers can use the tool as a separate application or integrate it as a library into their own software.
The program is called Flashmingo and can be found on GitHub. The tool uses the open source library SWIFFAS to parse each Flash file into a single object containing all of its information, such as tags, strings and binary data.
Flashmingo can be used as a standalone application, but researchers can also integrate the libraries into their own analysis tools. According to FireEye, it is also possible to add functionality via Python plugins. For example, this allows users to decompile Flash objects and detect suspicious file names.
Although Flash is on the decline and increasingly being replaced by alternatives like HTML5, FireEye believes the software will remain a threat for a long time to come. Adobe, the maker of Flash, will stop development in 2020, but many legacy systems will continue to use the software.
“History shows that legacy technologies typically last a long time,” FireEye writes in a blog post. “If organizations don’t phase out Flash, the threat posed by Flash will only increase because of the lack of security updates.” According to FireEye, the company’s security researchers still regularly see Flash exploits that spread malware.