Malware analysis and Reverse Engineering tools

Here you can find tools that can help you analyze malware and do reverse engineering.

Static Malware Analysis Tools

1- VirusTotal

It is a website that analyzes malware and gives you a report. You can also see how many antivirus engines detect this file and how they identify it.

VirusTotal

2- Die_Win32 & Exeinfope & PEiD

Checking whether the malware is packed or not.

Die_Win32
Exeinfope
PEiD

3- PEStudio

Examining executable files in depth (strings, imports, exports, and more).

PEStudio

4- Strings

Scanning the file for Unicode (or ASCII) strings with a default minimum length of 3 characters.

Strings

5- Resource Hacker

Examining resources in files such as .exe and .res, extracting them, replacing icons and bitmaps, and more.

Resource Hacker

Dynamic Malware Analysis Tools

1- VirusTotal & Anyrun & Hybrid Analysis

Websites that give you a report of what the malware does on your device (dynamic analysis).

VirusTotal
Anyrun
Hybrid Analysis

2- Process Hacker & Process Monitor

Monitoring system resources, debugging software, detecting malware, and viewing running processes.

Process Hacker
Process Monitor

3- ProcDot

Ingesting the output from ProcMon and automatically generating a graphical representation of the captured data.

ProcDot

4- Autoruns

Displaying any installed software on a device that is set to launch when the machine is powered on.

Autoruns

5- FileActivityWatch & FolderChangesView

Displaying information about every file read/write/delete operation that occurs on your system.

FileActivityWatch
FolderChangesView

6- Regshot

Taking a snapshot of your registry and then comparing it with a second one.

Regshot

7- FakeDNS & ApateDNS & INetSim

Tools for faking and simulating the network.

FakeDNS
ApateDNS
INetSim

Advanced Static Malware Analysis Tools

1- IDA & Ghidra

For analyzing the code.

IDA
Ghidra

Advanced Dynamic Malware Analysis Tools

1- OllyDbg & x64dbg & WinDbg

For analyzing the code and examining the CPU registers while the code executes.

OllyDbg
x64dbg
WinDbg
