Penetration Testing
mailing list archives
Re: Analize Virus
From: "Robert McArdle" <robertmcardle () gmail com>
Date: Wed, 1 Aug 2007 10:24:38 +0100
If it is black-box testing you are looking for (i.e. see effects of the threat
on the system) as opposed to debugging / disassembly, here are some to get
you started, although there are many other excellent apps:
Regshot - Takes before/after snapshot of the registry/filesystem -
http://www.softpedia.com/get/Tweak/Registry-Tweak/Reg-Shot.shtml
Wireshark - Network Analyzer - www.wireshark.org
SysInternals (Now Microsoft) tools -
http://www.microsoft.com/technet/sysinternals/default.mspx
has a good few that are worth a look, specifically Process Monitor,
Autoruns, Process Explorer, etc.
After that you'll want some Rootkit detectors like GMER or IceSword.
Robert McArdle
--
www.RobertMcArdle.com/blog/ - Techie/Security/Inane Ramblings
On 7/31/07, Rafa Richart <Rafa () ontinet com> wrote:
Hi Pals,
we're looking for some tools to analyze malware behavior. We have a lab under construction, but we need some advice
on what tools we have to use: tools to see what has been changing the registry, stat connections, etc.
Any help is welcome.
Thanks in advance
Rafa
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------