Penetration Testing: Re: Spyware assessment techniques

[Semper Securus <sempersecurus () gmail com>]

These are two programs that run on *nix (I also think there are
FreeBSD ports as well) that will emulate a vulnerable Windows box for
the purposes of collecting malware.  We run a bunch of sensors over at
Shadowserver and these progams have been hugely successful in
collecting current malware for analysis.

http://nepenthes.sourceforge.net/

http://www.mwcollect.org/

Good Luck !

Andre'
--
SemperSecurus


On 2/11/06, Ed Hotchkiss <edhotchkiss () gmail com> wrote:
> kind of off topic here to pen-testers, however somewhat related to
> this question ... i was reading a bit back when i only had access to
> win32 boxes; about a nix application made specifically for capturing
> wild malware by acting as a specific honeypot, emulating services etc
> to capture malware binaries, does anyone know of an example
> application?
>
> -edward
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------