Many of the tools presented here are geared towards the Windows Operating System.
- Process Hacker: Can view services/network/process activity and strings
- CaptureBAT: Used to capture deleted files and record activity
- Process Monitor: Allows for the viewing of running processes
Network Monitoring Tools
- Microsoft Network Monitor: Can monitor the network for activity
- API Monitor: API Monitor is free software that lets you monitor and control API calls made by applications and services. It's a powerful tool for seeing how applications and services work or for tracking down problems that you have in your own applications.
Assembly x86 Tools
- OllyDbg: Used for decompiling executables and debugging
- Autoruns: Allows you to view the registry for changes
- Strings: A program in Unix-like operating systems that finds and prints text strings embedded in binary files such as executables
- Detect It Easy: Allows you to view the language used and linker for the executable specified
- ResourceHacker: Resource Hacker™ is a resource editor for 32-bit and 64-bit Windows® applications. It’s both a resource compiler (for *.rc files) and a decompiler, enabling viewing and editing of resources in executables
- HashMyFiles: Allows for the hashing of various file types