Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Spyware assessment techniques

From: Semper Securus <sempersecurus () gmail com>
Date: Sat, 11 Feb 2006 23:20:14 -0500
These are two programs that run on *nix (I also think there are
FreeBSD ports as well) that will emulate a vulnerable Windows box for
the purposes of collecting malware.  We run a bunch of sensors over at
Shadowserver and these progams have been hugely successful in
collecting current malware for analysis.

http://nepenthes.sourceforge.net/

http://www.mwcollect.org/

Good Luck !

Andre'
--
SemperSecurus


On 2/11/06, Ed Hotchkiss <edhotchkiss () gmail com> wrote:

kind of off topic here to pen-testers, however somewhat related to
this question ... i was reading a bit back when i only had access to
win32 boxes; about a nix application made specifically for capturing
wild malware by acting as a specific honeypot, emulating services etc
to capture malware binaries, does anyone know of an example
application?

-edward

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: