Tools
1. Capture BAT - https://www.honeynet.org/node/315
2. SysInternals - https://technet.microsoft.com/en-us/sysinternals/bb842062.aspx
3. MAP Pack - http://sandsprite.com/CodeStuff/map_setup.exe
4. RegShot - http://sourceforge.net/projects/regshot/
5. 010 Editor (or any other hex editor, e.g. HxD) - http://www.sweetscape.com/010editor/
6. PEiD - http://woodmann.com/BobSoft/Files/Other/PEiD-0.95-20081103.zip
7. LordPE - http://www.woodmann.com/collaborative/tools/index.php/LordPE
8. Import Reconstructor (ImpREC) - https://tuts4you.com/download.php?view.415
9. OllyDbg 2.0 - http://www.ollydbg.de/download.htm
a. Lots of plugins, but we will cover that later
b. Future: WinDbg
10. PE viewers
a. CFF Explorer
b. PE Explorer
c. PEview
d. PE studio
e. Malware Analyst's Cookbook scripts
11. Other (personal preference):
a. Cygwin - with gcc, xxd, python - https://cygwin.com/install.html
b. Notepad++ - http://notepad-plus-plus.org/
c. IDA Pro (free 5.x)
12. Volatility
13. Visual Studio Express
14. WinDbg Debugger
15. Process Hacker
Further reading:
https://github.com/rshipp/awesome-malware-analysis
http://www.malware-analyzer.com/network-analysis
http://opensecuritytraining.info/MalwareDynamicAnalysis.html
https://www.aldeid.com/wiki/SysAnalyzer - ProcWatch