
2/06/2012

List of software that I use for analyzing malware

I update the list as I discover new useful tools. All are free or have evaluation versions.

Virtual Machine

Oracle VM VirtualBox - running Windows XP 32-bit.

PE Identifiers

exeinfo PE - identifies packers and programming languages, and gives tips for unpackers.
SIDS - identifies packers, strings, encryption, generic unpacker, plugins.
RDG Packer Detector - identifies packers, programming languages, encryption.

Disassemblers / debuggers

OllyDbg - Full disassembler and debugger.
IDA Pro Free - Full disassembler and debugger.
PEBrowse Pro - disassembler, resource viewer and viewer for the sections of the executable.
PE Explorer - disassembler, resource viewer and viewer for the sections of the executable.

Decompilers

DeDe - Delphi decompiler.
VB Decompiler Pro - Visual Basic decompiler.

Monitoring

Fiddler - web debugger, logs all HTTP(S) traffic between the computer and the Internet.
InstallSpy - lets you run a file and view the changes it makes in Windows.
Process Explorer - powerful version of the Windows Task Manager.
Process Monitor - monitors processes and their interactions with the operating system.
Regshot - shows registry changes by comparing two snapshots.
Wireshark - well-known network sniffer that captures transmitted packets.

Miscellaneous

AnalogX TextScan - lets you view the strings in any file.
LordPE - performs a memory dump of the process.

About Author:

Hi, it's me, Aamir Khan, owner of HACKING ARTICLES. I am an Ethical Hacker, Pro Blogger, addicted Web Developer and Security Researcher with experience in various aspects of Information Security. I am from Pakistan. Hacking is my passion and I want to be called a LEGEND in this field.
