Malware Analysis

Many of the tools presented here are geared towards the Windows Operating System.

Process Monitoring

  • Capture BAT - behavioural analysis tool from the Honeynet Project that logs the process, file-system and registry activity of a running sample and can keep copies of files the sample deletes or modifies, so they survive for later inspection

API and Network Monitoring

  • API Monitor - free tool from rohitab.com that hooks a process and logs the Windows API calls it makes, with filters covering thousands of functions including the networking APIs (Winsock, WinINet, WinHTTP). Beyond logging, it can break on a call and let you edit its parameters or return value, which is useful both for seeing how a sample behaves and for tracking down problems in your own applications.

x86 Assembly Tools

  • OllyDbg - 32-bit user-mode debugger for Windows that disassembles (not decompiles) executables and lets you step through, break on and patch the resulting x86 code

Additional Tools

  • Autoruns - Sysinternals tool that enumerates every auto-start location on the system (registry Run keys, services, drivers, scheduled tasks, shell extensions and more); saving a baseline before running a sample and comparing it with the list afterwards shows which persistence entries the sample added
  • Strings - finds and prints runs of printable text embedded in binary files such as executables; the Unix version ships with GNU binutils, and the Sysinternals version for Windows also finds UTF-16 (Unicode) strings, which matters because Windows malware stores much of its text as wide strings
  • Detect It Easy (DIE) - identifies the file type, compiler, linker and any packer or protector of the specified executable from its headers and signatures
  • Resource Hacker - resource editor for 32-bit and 64-bit Windows applications; it is both a resource compiler (for *.rc files) and a decompiler, so you can view, extract and edit the icons, dialogs, version info and other resources embedded in an executable
  • HashMyFiles - NirSoft utility that computes MD5, SHA-1, SHA-256 and other hashes for any set of files, which is how a sample is identified and looked up in threat-intelligence sources
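
The static triage that the Strings, Detect It Easy and HashMyFiles entries describe, as an added example that is not code from the original page or from any of those tools: it hashes a buffer, extracts both single-byte and UTF-16LE strings the way Sysinternals strings does, and reads the linker version from the PE optional header. The SAMPLE buffer is constructed inside the script (a minimal PE header with planted strings, not a real binary), and the function names are this example's own.

```python
"""Static triage helpers: hashing, strings (ASCII + UTF-16LE), PE linker version.

Added example, not code from the original page or from any of the tools it
lists. Works on bytes so it runs offline against the constructed SAMPLE below.
"""
import hashlib
import re
import struct
from typing import List, Optional, Tuple


def file_hashes(data: bytes) -> dict:
    """Digests a practitioner would record for a sample (what HashMyFiles shows)."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def extract_strings(data: bytes, min_len: int = 4) -> List[Tuple[int, str, str]]:
    """Return (offset, encoding, text) for each printable run of >= min_len chars.

    'ascii' covers single-byte runs (what GNU strings finds by default);
    'utf-16le' covers printable-ASCII code units interleaved with NUL bytes,
    the layout Windows uses for wide strings and what Sysinternals strings
    also reports. Results are sorted by file offset.
    """
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [(m.start(), "ascii", m.group().decode("ascii")) for m in ascii_re.finditer(data)]
    found += [(m.start(), "utf-16le", m.group().decode("utf-16le")) for m in wide_re.finditer(data)]
    return sorted(found, key=lambda t: t[0])


def pe_linker_version(data: bytes) -> Optional[Tuple[int, int]]:
    """Return (major, minor) from the PE optional header, or None if not a PE.

    This is the same header field tools such as Detect It Easy read when they
    report the linker; every offset below follows the PE/COFF layout.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    # Need the 4-byte signature, 20-byte COFF header and first 4 optional-header bytes.
    if e_lfanew + 28 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        return None
    size_of_optional = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    if size_of_optional < 4:
        return None
    major, minor = struct.unpack_from("<BB", data, e_lfanew + 26)
    return major, minor


def _build_sample() -> bytes:
    """Constructed stand-in for a PE file: minimal DOS/PE headers, then an ASCII
    URL, a UTF-16LE registry path and non-printable filler. No code section."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header at 0x40
    # COFF header: i386, 1 section, no timestamp/symbols, 0xE0-byte optional header.
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 0, 0, 0, 0xE0, 0x0102)
    # PE32 optional header: magic, then major/minor linker version; rest zeroed.
    optional = struct.pack("<HBB", 0x10B, 14, 29) + bytes(0xE0 - 4)
    payload = (
        b"\x00" * 8
        + b"http://example.invalid/update.php"  # constructed ASCII indicator
        + b"\x00" * 8
        + "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run".encode("utf-16le")
        + b"\x00" * 8
        + bytes([0x00, 0xFF, 0x10, 0xEF, 0x8A, 0x8B]) * 4  # no printable run
    )
    return bytes(dos) + b"PE\x00\x00" + coff + optional + payload


SAMPLE = _build_sample()


def triage(data: bytes) -> dict:
    """One-shot summary of the three static checks above."""
    return {
        "hashes": file_hashes(data),
        "linker": pe_linker_version(data),
        "strings": extract_strings(data),
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    for algo, digest in report["hashes"].items():
        print(f"{algo:7} {digest}")
    print("linker :", report["linker"])
    for offset, enc, text in report["strings"]:
        print(f"0x{offset:06x} {enc:9} {text}")
```

Running it on a real sample means replacing SAMPLE with the file's bytes; the UTF-16LE pass is the one to watch, since registry paths, URLs and mutex names in Windows malware are frequently wide and are invisible to a default GNU strings run.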

