It really isn't as simple as running a tool at all. You also never monitor a piece of malware or a virus with AV turned on, because it can dramatically throw off your results. The only time anyone would need to run an AV tool is if you are testing a database of signatures, or testing an engine to see how well it can pick up things in the wild not without the database of signatures. You could run something like Process Monitor from Sysinternals and run Wireshark to get a pcap file. It really isn't that easy of a thing to learn and just do. You need to know a lot about x86, lots of different programming languages, Windows internals, protocols, and the list goes on and on. I've taught it to people from various levels of IT experience; the only people who grasp it fast are people who have some sort of professional-level career on the security side, or someone who has a lot of experience programming and also has an understanding of Windows internals. If you want to know the basics about it so you can do some simple projects on your own, you can read the first four chapters of this book:
http://www.amazon.com/Practical-Malware-Analysis-Hands--Dissecting/dp/1593272901/ref=sr_1_1?s=books&ie=UTF8&qid=1456016056&sr=1-1&keywords=malware+analysis