Penetration Testing mailing list archives

Fw: testing an installer

From: "Timmothy Lester" <Timmothy.Lester () primeadvisors com>
Date: Tue, 26 Feb 2008 17:09:07 -0800

----- Original Message -----
From: Timmothy Lester
To: 'dzoner () gmail com' <dzoner () gmail com>
Sent: Tue Feb 26 17:06:08 2008
Subject: Re: testing an installer

Just to add some good tools you may also be interested in..  Tea timer (which comes with spybot S&D) won't allow 
software to chang the registry without your permission.  Not good for testing, but a good tool indeed.  On the same 
vendors webpage, there is a tool called file anyzer (or something like that) which may come in handy.  Not the best 
tool for the job, but I have used it and its good enough/ lightweight.

----- Original Message -----
From: listbounce () securityfocus com <listbounce () securityfocus com>
To: pen-test () securityfocus com <pen-test () securityfocus com>
Sent: Mon Feb 25 15:05:32 2008
Subject: Re: testing an installer

On Mon, Feb 25, 2008 at 10:25 PM, Qazi, Reema <reema.qazi () intel com> wrote:

Hi,

    I am new to penetration testing and am doing security testing on an
 installer. I need some help on "how to figure out every file & registry
 entry an installer reads & writes".

 Any tools that can help me find this info?



 Regards,
 Reema.



 ------------------------------------------------------------------------
 This list is sponsored by: Cenzic

 Need to secure your web apps NOW?
 Cenzic finds more, "real" vulnerabilities fast.
 Click to try it, buy it or download a solution FREE today!

 http://www.cenzic.com/downloads
 ------------------------------------------------------------------------


Hello

You can do that with active registry monitor (ARM) which has option to
create snapshot before and after actions and then you can compare
them.

You can find it on internet, 30days trial works like a charm.

Regards
Amar

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

RE: testing an installer Van Meter, Micheal (Feb 27)
- <Possible follow-ups>
- Fw: testing an installer Timmothy Lester (Feb 27)