infiniteer.blogg.se

Procmon
As you all probably know, in the SolarWinds backdoor there is a check for the existence of many analysis tools and EDRs.

Apimonitor-x64 (Rohitab - RE/Malware analysis)
Apimonitor-x86 (Rohitab - RE/Malware analysis)
Autoruns64 (Autoruns - RE/Malware analysis)
Autoruns (Autoruns - RE/Malware analysis)
Autorunsc64 (Autoruns - RE/Malware analysis)
Autorunsc (Autoruns - RE/Malware analysis)
Binaryninja (Binary Ninja - RE/Malware analysis)
Cff explorer (NTCore Explorer Suite - RE/Malware analysis)
Cutter (Rizin Cutter - RE/Malware analysis)
Debugview (DebugView - RE/Malware analysis)
Dotpeek32 (dotPeek - RE/Malware analysis)
Dotpeek64 (dotPeek - RE/Malware analysis)
Dumpcap (Wireshark - RE/Malware analysis)
Evidence center (Belkasoft Evidence Center - Forensics)
Exeinfope (Exeinfo PE - RE/Malware analysis)
Fakedns (fakedns (iDefense) - RE/Malware analysis)
Ffdec (Free Flash Decompiler - RE/Malware analysis)
Fileinsight (McAfee - RE/Malware analysis)
Hollows_hunter (hollows hunter - RE/Malware analysis)
Ildasm (IL Disassembler - RE/Malware analysis)
Jd-gui (Java Decompiler - RE/Malware analysis)
Officemalscanner (Officemalscanner - RE/Malware analysis)
Pdfstreamdumper (PDFStreamDumper - RE/Malware analysis)
Pebrowse64 (Pebrowser - RE/Malware analysis)
Pe-sieve32 (PE-sieve - RE/Malware analysis)
Pe-sieve64 (PE-sieve - RE/Malware analysis)
Pestudio (pestudio - RE/Malware analysis)
Pexplorer (Pexplorer - RE/Malware analysis)
Procdump (ProcDump - RE/Malware analysis)
Procdump64 (ProcDump - RE/Malware analysis)
Processhacker (Process Hacker - RE/Malware analysis)
Procexp (Process Explorer - RE/Malware analysis)
Procexp64 (Process Explorer - RE/Malware analysis)

So do you guys find any interesting tool/EDR here? Considering that this is a very complex attack, there might obviously be checks for some tools/EDRs that maybe very few companies use/know about.

I guess one good usage of this list is for us malware analysts to learn about malware analysis and forensic tools and EDRs that we never knew about before lol