- Tools: Process Hacker as an Alternative to Process Explorer and Task Manager
  Process Hacker is an open-source replacement for Task Manager and Process Explorer. It displays processes in a tree, color-codes debugged, service, and packed processes, shows network connections...
- Malware: Using Netsh for Easier Network Setup in a Malware Lab
  Windows' netsh tool can save and restore network configurations, useful for malware analysis labs that frequently switch between isolated segments and Internet-connected networks. Save configurations...
- Malware Analysis: 3 Free NirSoft Tools for Malware Analysis
  Three NirSoft utilities complement Process Monitor for behavioral malware analysis: ProcessActivityView shows file system access with bytes read/written, RegFromApp monitors registry changes, and...
- Malware: The Dark Side of Remote Desktop
  The Morto worm spread by scanning for RDP on port 3389 and brute-forcing Administrator passwords using common credentials. Tools like TSGrinder and Ncrack automate RDP password attacks. Mitigations...
- Malware Analysis: Process Monitor Filters for Malware Analysis and Forensics
  Process Monitor captures enormous amounts of data that can overwhelm analysts. Custom filters help by hiding boring entries or highlighting interesting events. Downloadable filter sets look for...
- Incident Response: How to Get into Digital Forensics or Security Incident Response
  Employers rarely invest in growing beginner forensics analysts, so individuals must build relevant skills within current roles. System admins can learn incident investigation tools, network admins...