Penetration Testing mailing list archives
Re: Analize Virus
From: "Robert McArdle" <robertmcardle () gmail com>
Date: Wed, 1 Aug 2007 10:24:38 +0100
If it is black-box testing you are looking for (i.e. see effects of the threat on the system) as opposed to debugging / disassembly, here are some to get you started, although there are many other excellent apps:

Regshot - Takes before/after snapshot of the registry/filesystem - http://www.softpedia.com/get/Tweak/Registry-Tweak/Reg-Shot.shtml

Wireshark - Network Analyzer - www.wireshark.org

SysInternals (Now Microsoft) tools - http://www.microsoft.com/technet/sysinternals/default.mspx has a good few that are worth a look, specifically Process Monitor, Autoruns, Process Explorer, etc.

After that you'll want some Rootkit detectors like GMER or IceSword.

Robert McArdle
--
www.RobertMcArdle.com/blog/ - Techie/Security/Inane Ramblings

On 7/31/07, Rafa Richart <Rafa () ontinet com> wrote:
Hi Pals,

we're looking for some tools to analyze malware behavior. We've a lab under construction, but we need some advice on what tools we have to use: tools to see what has been changing the registry, stat connections, etc.

Any help is welcome.

Thanks in advance
Rafa