From: Robert McArdle (robertmcardle@gmail.com)
Date: Wed Aug 01 2007 - 05:24:38 EDT
If it is black-box testing you are looking for (i.e. see effects of the threat
on the system) as opposed to debugging / disassembly, here are some to get
you started, although there are many other excellent apps:

Regshot - Takes before/after snapshot of the registry/filesystem -
http://www.softpedia.com/get/Tweak/Registry-Tweak/Reg-Shot.shtml

Wireshark - Network Analyzer - www.wireshark.org

SysInternals (Now Microsoft) tools -
http://www.microsoft.com/technet/sysinternals/default.mspx
has a good few that are worth a look, specifically Process Monitor,
Autoruns, Process Explorer, etc.

After that you'll want some rootkit detectors like GMER or IceSword.

Robert McArdle
--
www.RobertMcArdle.com/blog/ - Techie/Security/Inane Ramblings

On 7/31/07, Rafa Richart <Rafa@ontinet.com> wrote:
>
> Hi Pals,
>
> we're looking for some tools to analyze the malware behavior, we've a lab under construction, but we need some advice on what tools we have to use. Tools to see what has been changing the registry, stat connections etc...
>
> Any help is welcome.
>
> Thanks in advance
>
> Rafa
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:59 EDT