

This is a continuously updated page, and it is never finished. I decided to go ahead and cover the tools I typically use for analyzing malware because, although I've found lists elsewhere, I've found no real collection of them with explanations or any kind of discussion. It's generally more like "here's a big list of 100 malware tools, have fun!", as you typically see in those giant compound lists on GitHub. If that's all you're looking for, well, you got it. However, I wanted to add some more value by actually describing typical usage and workflow with the tools, as well as providing screenshots to show exactly what these tools are used for and how I use them.

Before starting, I want to emphasize that I currently do Windows malware analysis. What this means is that most of the tools are used for analyzing Windows files. This doesn't mean that I won't introduce Linux tools: static analysis of Windows files can actually be done in a Linux environment, in some cases the tools are more powerful on Linux, and analyzing Windows executables on Linux is also the safest option if you're worried about accidentally running the malware.

It's also important to understand how I will be presenting the tools. I'm going to present them in order of usefulness, that is, how frequently I use each tool within its subcategory. This does not mean one is "better" than another. There is no "best" here; there is only "more frequently used when analyzing malware samples all day." I'm also aiming to introduce an assortment of tools rather than five tools which all serve the same or very similar purposes.
