Fw: testing an installer

From: Timmothy Lester (Timmothy.Lester@primeadvisors.com)
Date: Tue Feb 26 2008 - 20:09:07 EST

• Next message: Erin Carroll: "Re: Pentesting tool - Commercial"
• Previous message: Van Meter, Micheal: "RE: testing an installer"
• Maybe in reply to: Qazi, Reema: "testing an installer"
• Next in thread: Matheus Michels: "RE: PPP authentication brute-force attack?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

----- Original Message -----
From: Timmothy Lester
To: 'dzoner@gmail.com' <dzoner@gmail.com>
Sent: Tue Feb 26 17:06:08 2008
Subject: Re: testing an installer

Just to add some good tools you may also be interested in.. Tea timer (which comes with spybot S&D) won't allow software to chang the registry without your permission. Not good for testing, but a good tool indeed. On the same vendors webpage, there is a tool called file anyzer (or something like that) which may come in handy. Not the best tool for the job, but I have used it and its good enough/ lightweight.

----- Original Message -----
From: listbounce@securityfocus.com <listbounce@securityfocus.com>
To: pen-test@securityfocus.com <pen-test@securityfocus.com>
Sent: Mon Feb 25 15:05:32 2008
Subject: Re: testing an installer

On Mon, Feb 25, 2008 at 10:25 PM, Qazi, Reema <reema.qazi@intel.com> wrote:
> Hi,
>
> I am new to penetration testing and am doing security testing on an
> installer. I need some help on "how to figure out every file & registry
> entry an installer reads & writes".
>
> Any tools that can help me find this info?
>
>
>
> Regards,
> Reema.
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>

Hello

You can do that with active registry monitor (ARM) which has option to
create snapshot before and after actions and then you can compare
them.

You can find it on internet, 30days trial works like a charm.

Regards
Amar

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: Erin Carroll: "Re: Pentesting tool - Commercial"
• Previous message: Van Meter, Micheal: "RE: testing an installer"
• Maybe in reply to: Qazi, Reema: "testing an installer"
• Next in thread: Matheus Michels: "RE: PPP authentication brute-force attack?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:26 EDT