Penetration Testing mailing list archives

Re: Analize Virus


From: "Robert McArdle" <robertmcardle () gmail com>
Date: Wed, 1 Aug 2007 10:24:38 +0100

If it's black-box testing you are looking for (i.e. see effects of the threat
on the system) as opposed to debugging / disassembly, here are some to get
you started, although there are many other excellent apps.

Regshot - Takes before/after snapshot of the registry/filesystem -
http://www.softpedia.com/get/Tweak/Registry-Tweak/Reg-Shot.shtml

Wireshark - Network Analyzer - www.wireshark.org

SysInternals (Now Microsoft) tools -
http://www.microsoft.com/technet/sysinternals/default.mspx
has a good few that are worth a look, specifically Process Monitor,
Autoruns, Process Explorer, etc.

After that you'll want some rootkit detectors like GMER or IceSword.



Robert McArdle
--
www.RobertMcArdle.com/blog/ - Techie/Security/Inane Ramblings

On 7/31/07, Rafa Richart <Rafa () ontinet com> wrote:

Hi Pals,

We're looking for some tools to analyze malware behavior. We have a lab under construction, but we need some advice
on what tools we have to use: tools to see what has been changing the registry, stat connections, etc.

Any help is welcome.

Thanks in advance

Rafa



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------




