- This topic has 2 replies, 1 voice, and was last updated 5 months, 2 weeks ago by
.
Viewing 3 posts - 1 through 3 (of 3 total)
-
Posts
-
Malware Analyst tools required and some examples of them:
Disassembler – IDA Pro
Debugger – OllyDbg, WinDbg
System Monitor – Process Monitor, RegShot. Process Explorer
Network Monitor – TCP View, Wireshark
Packer Identifier – PEID
Unpacking Tools – Qunpack. GUNPacker
Binary Analysis Tools – PE Explorer, Malcode Analysts Pack
Code Analysis Tools – LordPE, ImpRecSources:
Free Toolkits for Automating Malware Analysis
Analysis Tool courtesy by tcm-sec.com website.
FLARE-VM/REMnux Tool List
- FLARE-VMstrings/FLOSS: https://github.com/mandiant/flare-floss
- PEView: http://wjradburn.com/software/
- upx (not used but referenced): https://upx.github.io/
- PEStudio: https://www.winitor.com/download
- Capa: https://github.com/mandiant/capa
- Wireshark: https://www.wireshark.org/
- Sysinternals (Procmon, TCPView): https://learn.microsoft.com/en-us/sysinternals/downloads/
- nc/ncat: https://nmap.org/download
- Cutter: https://github.com/rizinorg/cutter
- x32/x64dbg: https://x64dbg.com/
- Process Hacker 2 (now known as System Informer): https://systeminformer.sourceforge.io/
- scdbg: https://github.com/dzzie/SCDBG
- dnSpy/dnSpyEx: https://github.com/dnSpyEx/dnSpy
- PEBear: https://hshrzd.wordpress.com/pe-bear/
- YARA: https://github.com/VirusTotal/yara
REMnux
- base64 (built in Linux bin)
- OLEdump: https://github.com/DidierStevens/DidierStevensSuite/blob/master/oledump.py
- MobSF (Docker Container): https://github.com/MobSF/Mobile-Security-Framework-MobSF | https://hub.docker.com/r/opensecurity/mobile-security-framework-mobsf/
- INetSim: https://www.inetsim.org/
- PMAT Labs: https://github.com/HuskyHacks/PMAT-labs
- theZoo: https://github.com/ytisf/theZoo
- vx-underground main site: https://www.vx-underground.org/
- vx-underground GitHub repo: https://github.com/vxunderground/MalwareSourceCode
- Zeltser Resources: https://zeltser.com/malware-sample-sources/
- MalwareBazaar: https://bazaar.abuse.ch/
Viewing 3 posts - 1 through 3 (of 3 total)
- You must be logged in to reply to this topic.