Penetration Testing mailing list archives
Re[2]: Analize Virus
From: Rafa Richart <Rafa () ontinet com>
Date: Fri, 3 Aug 2007 13:59:52 +0200
Thanks very much to all the people who have answered my question; now I have a lot of information.

Best regards

Thursday, 02 August 2007 at 17:39, wrote:

AS> My $.02
AS>
AS> For static or code analysis, I use IDAPro or Ollydbg as well as good
AS> old 'strings' and 'objdump', I've also been starting to play with PE
AS> Explorer lately.
AS>
AS> For dynamic studies, I'll run wireshark on my host system and use a
AS> combo of Winalysis, Process Explorer, filemon, and fport. Lately, I've
AS> been kicking SysAnalyzer around a bit.
AS>
AS> Keep in mind, more and more malware is becoming VMWare aware, so a
AS> hardware solution such as a CoreRestore card might be a good
AS> investment.
AS>
AS> In general:
AS>
AS> Behavioral Analysis:
AS> Wireshark
AS> Process Monitor
AS> Process Explorer
AS> FileMon
AS> RegMon
AS> TCPView
AS> Winalysis
AS> SysAnalyzer
AS> Snort
AS> tcpdump
AS>
AS> Static Analysis:
AS> AV Scanners
AS> IDA Pro
AS> Ollydbg
AS> strings
AS> Various unpackers
AS> PE Explorer
AS> LordPE
AS> Google
AS>
AS> HTH
AS>
AS> On 7/31/07, Rafa Richart <Rafa () ontinet com> wrote:
Hi Pals,
we're looking for some tools to analyze malware behavior. We have a lab under construction, but we need some advice on what tools we have to use: tools to see what has been changing the registry, stat connections, etc...
Any help is welcome.
Thanks in advance
Rafa
------------------------------------------------------------------------ This list is sponsored by: Cenzic
Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads ------------------------------------------------------------------------
--
Regards,
Technical Department
Ontinet.com, S.L.
http://www.protegerse.com
----------------------------------------------------------------------------
Security news, virus data, alerts, hoaxes
Visit our Encyclopedia: http://www.enciclopediavirus.com
----------------------------------------------------------------------------
*** Message written with The Bat! version 3.95.8
Dated Friday, 03 August 2007 at 13:55
Current thread:
- Re: Analize Virus 杨峰 (Aug 01)
- Re: Analize Virus Paul Halliday (Aug 03)
- <Possible follow-ups>
- Re: Analize Virus Jason Ross (Aug 01)
- Re: Analize Virus Robert McArdle (Aug 01)
- Re: Analize Virus Colin Copley (Aug 01)
- RE: Analize Virus Matt Steer (Aug 03)
- Re: Analize Virus lists73 (Aug 03)
- Re: Analize Virus Andre' - SemperSecurus (Aug 03)
- Re[2]: Analize Virus Rafa Richart (Aug 03)
- Re: Re: Analize Virus ebk_lists (Aug 03)