- https://github.com/mentebinaria/retoolkit
- https://www.sentinelone.com/labs/top-15-essential-malware-analysis-tools/
- Tutorials
- https://habr.com/ru/company/dsec/blog/334832/
- https://www.cybrary.it/course/malware-analysis/
- http://fumalwareanalysis.blogspot.com/p/malware-analysis-tutorials-reverse.html
- https://www.securitylab.ru/blog/personal/informacionnaya_bezopasnost_v_detalyah/332544.php
| Category | Tool | Purpose |
|---|---|---|
| Tools | 7-Zip | Decompress wide variety of file types |
| Tools | Notepad++ | Text editor |
| Tools | Python 3.6.x | Scripting language |
| Tools | WinSCP | Secure file transfer |
| Tools | Visual C++ 2010 Redistributable Package (x86) | |
| Tools | Visual C++ 2013 Redistributable Package (x86) | |
| Unpacking | UPX | Packer/unpacker for executables |
| Unpacking | Scylla | Recover executable from packed binary after running (blog post on usage) |
| Unpacking | Universal Import Fixer (UIF) | Reveal obfuscated imports in binary |
| Unpacking | Imports Fixer | Reveal obfuscated imports in binary |
| Unpacking | Exeinfo PE | Packer, unpacker, data detector |
| Unpacking | Detect It Easy | Packer identifier |
| Unpacking | Bytehist | Produces byte usage histogram (hints if file is packed/compressed) |
| Unpacking | pe-unmapper | Can recover PE executable dumped from memory |
| Decoding | strings2 | Extract ASCII and Unicode strings from binary data |
| Decoding | HxD | Hex editor |
| Decoding | BinText | Extract ASCII and Unicode strings from binary data |
| Decoding | scdbg | Show all Windows API functions called by shellcode |
| Decoding | jmp2it | Transfer EIP control to shellcode (blog post on usage) |
| Behavior Analysis | ProcDOT | Visual malware analysis (requires WinDump and GraphViz to be installed) |
| Behavior Analysis | API Monitor | Monitor and control API calls made by processes |
| Behavior Analysis | Process Monitor | Show real-time file system, Registry and process/thread activity |
| Behavior Analysis | Process Hacker | Open source clone of classic Process Explorer tool |
| Behavior Analysis | Wireshark | Network packet capture and analysis |
| Behavior Analysis | Noriben | Malware analysis sandbox |
| Behavior Analysis | Regshot | Registry snapshot and comparison utility |
| Behavior Analysis | TcpLogView | Simple viewer for active TCP connections |
| Behavior Analysis | HashMyFiles | Calculate hash values (MD5/SHA/etc.) of file |
| Behavior Analysis | Fiddler | Web debugging proxy (edit and analyze HTTP/HTTPS traffic in-flight) |
| Behavior Analysis | AutoRuns | Show programs that will run automatically (i.e., persistence) |
| PE File Analysis | PeStudio | Malware static analysis assessment tool |
| PE File Analysis | CFF Explorer | Editor for PE files |
| PE File Analysis | IDA Freeware 5.0 | Disassembler, debugger, and (add-on) decompiler. $$$$ for Pro version. |
| PE File Analysis | OllyDbg 2 + OllyDumpEx | Disassembler and debugger |
| PE File Analysis | x64dbg | x64/x32 Windows debugger |
| PE File Analysis | ScyllaHide | Plugin for x64dbg (and OllyDbg 2, and others); performs anti-anti-debugging to hide your analysis tool from the malware |
| PE File Analysis | xAnalyzer | Plugin for x64dbg; performs additional static analysis on function definitions, arguments, and data types |