
Thread: Malware Analysis - Top 3 Tools & Techniques Every Whitehat Hacker Should Know About!

  1. #1
    Junior Member
    Join Date
    Jun 2008
    Posts
    7

    Malware Analysis - Top 3 Tools & Techniques Every Whitehat Hacker Should Know About!

    I wrote an article for an ezine, not published yet; it's only 300 words, so I thought I might as well post it here for the kind members of AntiOnline. It's no advanced paper or anything, just a simple guide, so no flaming please, I'm a beginner myself.

    Malware Analysis - Top 3 Tools & Techniques Every Whitehat Hacker Should Know About!!

    In this article you will learn the top 3 techniques along with the top 3 tools needed to analyze and dissect malware successfully.

    Malware

    What is malware? Well, "malware" is coined from the two words malicious and software. Malware refers to spyware, Trojans, bots, viruses, hijackers and other pieces of software with malicious intent.

    Some prerequisites: make sure you can program in C and understand C at a deep level. Another thing which is key is assembly. Make sure you know the assembly architecture for the system you're trying to reverse engineer under.

    VMware, an excellent tool, allows you to run multiple operating systems on one computer through a virtual interface. You can install Windows XP on the virtual computer and then run the malicious code on that virtual machine. This will provide you with safety from the malware, and it also means cutting costs, as you won't have to sacrifice a computer for the analysis.

    OllyDbg, a superb assembly-level debugger, can analyze binary code on the fly, which is excellent, especially when the source code is not available. When doing malware analysis the source code is almost never available. This tool will help you work out how the malware works and what it does.

    Wireshark, the best network traffic analyzer in my opinion. Malicious programs almost always cause some sort of network traffic, and you want to be able to decode what this traffic is. It might be a password being sent to an IRC server to join a channel; it might even be that text file you stored on your desktop as passwords.txt. Have your network analyzer set up before you run the malicious code; that way you won't miss a single packet.

    With these 3 tools and techniques you should now be able to successfully dissect the malware, understand what it does and be able to protect your system from it.


    ================================
    Author (c) Billy – All rights reserved
    ================================
    http://www.softhardware.co.uk
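The post above says the sniffer should be running before the sample is launched and that the traffic may turn out to be a password sent to an IRC server to join a channel. As an added example (not part of the original post, and not the author's code), the script below reads a classic pcap file of the kind Wireshark or tcpdump writes, using only the Python standard library, walks the Ethernet/IPv4/TCP headers, and pulls every IRC protocol line (PASS, NICK, USER, JOIN, PRIVMSG) out of the TCP payloads, so a capture taken while the sample ran can be triaged without clicking through packets. The capture it analyzes is constructed in memory for the demonstration; the IP addresses, ports, nick, channel and key are made up.

```python
"""Triage a pcap for IRC command-and-control chatter (standard library only)."""
import struct

# IRC commands worth flagging when they appear at the start of a payload line.
IRC_COMMANDS = {b"NICK", b"USER", b"PASS", b"JOIN", b"PRIVMSG", b"PING", b"PONG"}


def build_tcp_packet(src_ip, dst_ip, sport, dport, payload):
    """Ethernet/IPv4/TCP frame carrying payload (checksums zeroed; fine offline)."""
    eth = b"\x00" * 12 + struct.pack("!H", 0x0800)           # EtherType IPv4
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1,
                      5 << 4, 0x18, 8192, 0, 0) + payload      # 20-byte header, PSH|ACK
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip + tcp


def build_pcap(frames):
    """Wrap frames in a little-endian classic pcap (magic a1b2c3d4, linktype 1)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1_000_000 + i, 0, len(frame), len(frame)) + frame
    return out


def iter_tcp_payloads(pcap_bytes):
    """Yield (src_ip, sport, dst_ip, dport, payload) for every TCP segment with data."""
    magic = struct.unpack("<I", pcap_bytes[:4])[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet link type is supported")
    off = 24
    while off + 16 <= len(pcap_bytes):
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap_bytes[off:off + 16])
        off += 16
        frame = pcap_bytes[off:off + incl_len]
        off += incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                  # not IPv4
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] != 6:
            continue                                  # not TCP
        src = ".".join(str(b) for b in frame[26:30])
        dst = ".".join(str(b) for b in frame[30:34])
        tcp = frame[14 + ihl:]
        if len(tcp) < 20:
            continue
        sport, dport = struct.unpack("!HH", tcp[:4])
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload:
            yield src, sport, dst, dport, payload


def extract_irc(pcap_bytes):
    """Return IRC command lines found in TCP payloads, with their endpoints."""
    found = []
    for src, sport, dst, dport, payload in iter_tcp_payloads(pcap_bytes):
        for line in payload.split(b"\r\n"):
            parts = line.split(b" ", 1)
            if parts[0].upper() in IRC_COMMANDS:
                found.append({"src": f"{src}:{sport}", "dst": f"{dst}:{dport}",
                              "command": parts[0].upper().decode(),
                              "args": parts[1].decode("latin-1") if len(parts) > 1 else ""})
    return found


def summarize(findings):
    """Group flagged commands by remote endpoint so the C2 server stands out."""
    servers = {}
    for f in findings:
        servers.setdefault(f["dst"], []).append(f["command"])
    return servers


def sample_capture():
    """Constructed capture: infected VM 10.0.0.5 talking to IRC at 203.0.113.7:6667,
    with one unrelated HTTP request mixed in (all addresses made up)."""
    bot, srv = "10.0.0.5", "203.0.113.7"
    return build_pcap([
        build_tcp_packet(bot, srv, 49152, 6667,
                         b"PASS ch4nnelp4ss\r\nNICK xp-bot-1337\r\nUSER bot 0 * :bot\r\n"),
        build_tcp_packet(srv, bot, 6667, 49152, b":irc.example 001 xp-bot-1337 :Welcome\r\n"),
        build_tcp_packet(bot, srv, 49152, 6667, b"JOIN #dropzone k3y\r\n"),
        build_tcp_packet(bot, "198.51.100.9", 49153, 80, b"GET /gate.php HTTP/1.0\r\n\r\n"),
        build_tcp_packet(bot, srv, 49152, 6667, b"PRIVMSG #dropzone :passwords.txt=admin:hunter2\r\n"),
    ])


if __name__ == "__main__":
    for f in extract_irc(sample_capture()):
        print(f"{f['src']} -> {f['dst']}  {f['command']} {f['args']}")
    print(summarize(extract_irc(sample_capture())))
```

To use it on a real capture, replace `sample_capture()` with the bytes of a `.pcap` file saved from Wireshark (File > Save As, pcap format; pcapng is not parsed here). Matching on the command word at the start of each CRLF-terminated line is deliberately loose: bots often use non-standard ports, so filtering on port 6667 alone would miss them, and the server's own replies (which begin with a `:` prefix) are ignored so the output shows only what the sample sent.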

  2. #2
    Junior Member
    Join Date
    Jan 2006
    Posts
    28
    As I understand it, it is three parts:
    1) do analysis of malware in a virtual environment
    Wiki: http://en.wikipedia.org/wiki/Virtual_machine
    2) debugging and monitoring of running processes
    http://en.wikipedia.org/wiki/Debugger
    3) network sniffing
    http://en.wikipedia.org/wiki/Packet_sniffer

    There is a lot of other software that can be used,
    such as disk imaging software, disassemblers, intrusion prevention software.
    Use heuristic analysis and intrusion prevention software to protect, and to test protection against, different kinds of malware.
    Never know.

  3. #3
    Junior Member
    Join Date
    Jun 2008
    Posts
    7
    True, thanks for the comments.
    http://www.softhardware.co.uk
