Archive for the ‘Toolkit’ Category

Directory Snapshot Alpha

Monday, March 30th, 2009

Check out an alpha version of the Directory Snapshot application I developed, used to validate the integrity of the system. I developed this as a way for me to validate the integrity of the files in the system after running malware or any application I want to monitor. This application is useful for me since I analyze malware daily and need a quick way to validate system integrity. The application should be fairly easy to use. If there are any pointers on improving this application, bugs found, or features wanted, please let me know. You can download it here.

Features planned for the next release:

  • Add drag and drop
  • Use Sleuthkit to access the filesystem

Known bug:

  • SHA256 is not working

Yara - identify and classify malware samples toolkit

Thursday, March 12th, 2009

This is a nice project started by Victor Alvarez, which can be found at http://code.google.com/p/yara-project.

The project is described as a tool aimed at helping malware researchers to identify and classify malware samples. The tool works similarly to an IDS, with nice scripting support that allows the user to add complex signatures to the rule set.