# Windows Malware Analysis Tools

## Static Analysis

- 010 Editor – Advanced hex viewer and editor.
- Strings (Sysinternals Suite) – Extracts strings from a file.
- DiE (Detect It Easy) – Packer identifier (recommended).
- HashMyFiles – Calculates MD5/SHA1/CRC32 hashes of your files.
- PeStudio – Advanced PE viewer and more (recommended).
- OfficeMalScanner – Office file malware scanner.
- PDFiD – PDF string scanner and identifier.
- PDFStreamDumper – PDF malicious file scanner.
- Malwoverview.py – Incident response tool for an initial, quick triage of a directory containing malware samples, and more.
- YARA – The pattern matching Swiss knife for malware researchers.

- Process Explorer (ProcExp, Sysinternals Suite) – Advanced Task Manager.
- APIMiner – Logs the Windows API functions called by an executed program.
- API Monitor – Monitors Windows API function calls.
- Process Monitor (ProcMon, Sysinternals Suite) – Monitors system process events (file system, registry, network).
- Pinitor – An API monitor based on instrumentation.
- PE-Sieve – Scans for malicious implants (replaced/injected PEs, shellcode, hooks, in-memory patches).

- FakeNet-NG – Emulates services/open ports for malware behavior analysis purposes.
- Fiddler – The free web debugging proxy for any browser, system or platform.
- TCPView (Sysinternals Suite) – Displays network connections.
- INetSim – Emulates services/open ports for malware behavior analysis purposes.
- Wireshark – Network sniffer and protocol analyzer.
- mitmproxy – An interactive SSL/TLS-capable intercepting HTTP proxy (great for HTTPS inspection).

- ProcDot – A new way of visual malware analysis.
- CMD Watcher – Watches for CMD, PowerShell and other processes, suspends them, extracts the command-line data, then optionally kills them.
- WinJa – A lightweight but powerful tool for discovering malware hiding on your system.

- IDA Free/Pro – Disassembler and debugger.
- Radare2 – Free and open source disassembler and debugger.
- dnSpy – .NET debugger and assembly editor.
- WinDBG2IDA (IDA Plugin) – Shows WinDbg steps in IDA.
- RetDec – Retargetable machine-code decompiler based on LLVM.