Author Topic: preferred tools for analysis  (Read 3606 times)


September 16, 2009, 07:12:45 pm

h4h4h4h4

Just curious to see what tools everyone here prefers to do the following analysis tasks.

My favorites are:


PDF analysis - pdf-parser.py

Flash analysis - swftools (swfdump)

JavaScript deobfuscation - malzilla most of the time.  Rhino as backup.

Shellcode viewer/xor searcher - malzilla

Hex viewer/editor - winhex

HTML viewer/inspector - web-sniffer.net

General debugging/disassembler - olly/ida pro

Malware scanning - Virustotal

Automated Binary Analysis - Anubis






September 16, 2009, 07:32:33 pm
Reply #1

SysAdMini

Additional tools:

HTML viewer/inspector - wannabrowser.com

PDF unpacking  - pdftk

shellcode xor searcher - xorsearch

Automated JS analysis - Wepawet / jsunpack

Automated Binary Analysis - Threatexpert / Joebox
Ruining the bad guy's day

September 16, 2009, 09:24:53 pm
Reply #2

h4h4h4h4

> Additional tools:
>
> HTML viewer/inspector - wannabrowser.com
>
> PDF unpacking  - pdftk
>
> shellcode xor searcher - xorsearch
>
> Automated JS analysis - Wepawet / jsunpack
>
> Automated Binary Analysis - Threatexpert / Joebox

Are these your favorite tools for each category, or were you just listing additional tools?
(I think there's already a Tools sticky in this forum).

I'm mainly wondering what people prefer/most popular to use for day-to-day malware analysis.

September 16, 2009, 10:27:42 pm
Reply #3

SysAdMini


> Are these your favorite tools for each category, or were you just listing additional tools?
> (I think there's already a Tools sticky in this forum).
>
> I'm mainly wondering what people prefer/most popular to use for day-to-day malware analysis.


Both.
These are my preferred tools for those categories, but I also use all the tools you have listed.