Since CrowdStrike released our free Crowdsourced Reverse Engineering (CrowdRE) service in June, the team has been hard at work building new features that we were very excited to unveil at Black Hat USA 2012. The new features are a direct result of some of the great feedback that the community provided and we encourage more feedback on these new features. In an effort to lead by example the CrowdStrike Intelligence Team has committed nearly all of our current annotations to CrowdRE, you can immediately benefit from our reverse engineering efforts. We just created and posted the video below that demonstrates some of the latest features and how to set up the CrowdRE environment.
When CrowdRE was released at REcon in June the immediate feedback was to provide a Linux and Mac versions of the plugin, Jason Geffner during the presentation surveyed the audience and it was a mixed result of what version to focus on. Since there was interest for Mac and Linux, we decided to release both versions! To access the newest plugin visit http://crowd.re and you will see the following page:
The other feedback we received was that users did not want to share their annotations with everyone, and while CrowdRE was built to share reversing intelligence with as many people as possible, we understand that sometimes this data does need to be compartmentalized. The group feature is a way to limit the distribution of your annotations to a limited subset of CrowdRE users. This feature is simple to use and you may have seen the place holder for it in the CrowdRE UI over the last few weeks. The way this works is to:
- Create a group
- Add/invite friends to the group to share annotations with
- Crowd Reverse annotations with your group
CrowdRE users can create different groups for different projects and share annotations to those groups; this allows for example the formulation of working groups for particular malware families. An example might be to create a Zeus working group, in this situation members of that group may share annotations exclusively amongst themselves from Zeus reverse engineering projects to ensure all participants have the latest analysis.
CrowdStrike would like to pay special thanks to Ilfak Guilfanov and his Hex-Rays team for all the support they provided to the CrowdRE team to help navigate some of the unique challenges of building a portable IDA Pro plugin.