Archive for the ‘Tools’ Category

Microsoft Change Analyzer

Wednesday, March 28th, 2007

Excerpt:

The Change Analysis Diagnostic simplifies the identification of recent
changes to computers running Windows XP. The diagnostic checks for
recent changes to the following:

• Operating system components, such as patches, that are installed as
hotfixes or downloads from Windows Update.
• Installed application entries listed in the Add or Remove Programs
control panel.
• All kernel mode device and file system drivers.
• Browser helper objects loaded by Internet Explorer.
• ActiveX controls loaded by Internet Explorer.
• Programs loaded automatically during Windows XP startup.
• Programs and Dynamic Link Libraries (DLLs) loaded when an application
starts.

For complete article see:
Microsoft downloads
http://support.microsoft.com/kb/924732

Allaple Removal Tool

Tuesday, March 20th, 2007

I wrote a tool to remove the Allaple worm from an infected system. It should catch all variants. The tool is available from here. For more information on W32/Allaple read this, this and this.

Enjoy :) All feedback should be sent to either /dev/null or toni(_at_)teamfurry.com

Tools of the trade

Saturday, March 17th, 2007

People ask me (and I ask them) from time to time what tools I use when analyzing malicious files. I thought I’d compile a list here, and if you guys (and gals) have other tools that are useful, send me a mail and I’ll update the post.

(more…)

On antidebug code detection

Thursday, March 15th, 2007

Sometimes when you run into an unknown piece of malware it’s useful to try to gather as much intel as possible before you start to analyze it. Since there’s a plethora of various methods in use out there, something needs to be automated.

(more…)

