Penetration Testing mailing list archives
Re: Spyware assessment techniques
From: Semper Securus <sempersecurus () gmail com>
Date: Sat, 11 Feb 2006 23:20:14 -0500
These are two programs that run on *nix (I also think there are FreeBSD ports as well) that will emulate a vulnerable Windows box for the purposes of collecting malware. We run a bunch of sensors over at Shadowserver and these progams have been hugely successful in collecting current malware for analysis. http://nepenthes.sourceforge.net/ http://www.mwcollect.org/ Good Luck ! Andre' -- SemperSecurus On 2/11/06, Ed Hotchkiss <edhotchkiss () gmail com> wrote:
kind of off topic here to pen-testers, however somewhat related to this question ... i was reading a bit back when i only had access to win32 boxes; about a nix application made specifically for capturing wild malware by acting as a specific honeypot, emulating services etc to capture malware binaries, does anyone know of an example application? -edward ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Spyware assessment techniques Derek Nash (Feb 10)
- Message not available
- Re: Spyware assessment techniques Eric Schultze (Feb 10)
- Message not available
- Re: Spyware assessment techniques Packet Man (Feb 11)
- Re: Spyware assessment techniques Paul Halliday (Feb 11)
- Message not available
- Re: Spyware assessment techniques Ed Hotchkiss (Feb 11)
- Re: Spyware assessment techniques Semper Securus (Feb 11)
- Message not available
- Re: Spyware assessment techniques - hub? Petr . Kazil (Feb 12)
- Re: Spyware assessment techniques - hub? Packet Man (Feb 12)
- Re: Spyware assessment techniques - hub? offset (Feb 12)
- RE: Spyware assessment techniques - hub? Richard Zaluski (Feb 13)
- RE: Spyware assessment techniques - hub? Dan Tesch (Feb 13)
- <Possible follow-ups>
- RE: Spyware assessment techniques Butler, Theodore (Feb 10)
- Re: Spyware assessment techniques Thorsten Holz (Feb 10)
- RE: Spy ware assessment techniques Terry Vernon (Feb 10)
- RE: Spy ware assessment techniques jseitz (Feb 11)
- Re: Spyware assessment techniques Thorsten Holz (Feb 10)