- Tools: Extracting Malicious Flash Objects from PDFs Using SWF Mastah
SWF Mastah by Brandon Dixon extracts malicious Flash objects from PDFs in one step, using the PDF X-RAY framework and Peepdf. It can handle complex PDF files even when pdf-parser fails to locate or...
- Malware Analysis: Preparing The Next Release of REMnux Distro
- Malware Analysis: How Security Companies Assign Names to Malware Specimens
Security companies base malware naming on the CARO scheme, which groups specimens into families by code similarity in a Type/Platform/Family.Variant format. MITRE's Common Malware Enumeration...
- Malware Analysis: 3 Free Tools to Fake DNS Responses for Malware Analysis
When analyzing malware behaviorally, intercepting DNS queries lets you redirect network connections to lab systems. Three free tools simplify this: ApateDNS (Windows), FakeDNS (Windows), and...
- Tools: Process Hacker as an Alternative to Process Explorer and Task Manager
Process Hacker is an open source replacement for Task Manager and Process Explorer. It displays processes in a tree, color-codes debugged, service, and packed processes, shows network connections...
- Malware Analysis: 3 Free NirSoft Tools for Malware Analysis
Three NirSoft utilities complement Process Monitor for behavioral malware analysis: ProcessActivityView shows file system access with bytes read/written, RegFromApp monitors registry changes, and...