Penetration Testing mailing list archives

Re[2]: Analize Virus
From: Rafa Richart <Rafa () ontinet com>
Date: Fri, 3 Aug 2007 13:59:52 +0200


Thanks very much to all the people who have answered my question; now I have a lot of information.


Best regards

Thursday, 02 August 2007
at 17:39, wrote:

AS> My $.02

AS> For static or code analysis, I use IDAPro or Ollydbg as well as good
AS> old 'strings' and 'objdump', I've also been starting to play with PE
AS> Explorer lately.

AS> For dynamic studies, I'll run wireshark on my host system and use a
AS> combo of Winalysis, Process Explorer, filemon, and fport. Lately, I've
AS> been kicking SysAnalyzer around a bit.

AS> Keep in mind, more and more malware is becoming VMWare aware, so a
AS> hardware solution such as a CoreRestore card might be a good
AS> investment.

AS> In general:

AS> Behavioral Analysis:
AS> Wireshark
AS> Process Monitor
AS> Process Explorer
AS> FileMon
AS> RegMon
AS> TCPView
AS> Winalysis
AS> SysAnalyzer
AS> Snort
AS> tcpdump

AS> Static Analysis:
AS> AV Scanners
AS> IDA Pro
AS> Ollydbg
AS> strings
AS> Various unpackers
AS> PE Explorer
AS> LordPE
AS> Google

AS> HTH



AS> On 7/31/07, Rafa Richart <Rafa () ontinet com> wrote:

Hi Pals,

we're looking for some tools to analyze malware behavior. We have a lab under construction, but we need some
advice on what tools we have to use: tools to see what has been changing in the registry, stat connections, etc...

Any help is welcome.

Thanks in advance

Rafa



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------








-- 
Regards,
Technical Department
Ontinet.com, S.L.
http://www.protegerse.com
----------------------------------------------------------------------------
Security news, virus data, alerts, hoaxes
Visit our encyclopedia: http://www.enciclopediavirus.com
----------------------------------------------------------------------------

***
Message written with The Bat! version 3.95.8
Dated Friday, 03 August 2007 at 13:55

