Nytro Posted March 15, 2013 Report Posted March 15, 2013 [h=1]FakeNet[/h]andyhonig Windows Network Simulation tool for Malware Analysis [h=2]Description[/h] FakeNet is Windows network simulation tool designed for malware analysis. It redirects all traffic leaving a machine to the localhost (including hard-coded IP traffic and DNS traffic) and implements several protocols to ensure that malicious code continues to execute and can be observed by an analyst.The tool supports DNS, HTTP, and SSL protocols and provides a python extension interface for implementing new or custom protocols. It also the capability to listen for traffic to any port as well as create packet capture on the localhost.Right now the tool only supports WinXP Service Pack 3. The tool runs fine on Windows Vista/7 although certain features will be automatically disabled. FakeNet Web Site Download:http://sourceforge.net/projects/fakenet/files/latest/download Quote
meinhard Posted March 16, 2013 Report Posted March 16, 2013 Fakenet-ul asta e tare, dar sa-l rulati cu Buster Sandbox Analyzer add-on, e beton pentru analiza. Vezi nu numai la ce IP se leaga un trojan dar si ce date transmite. Quote
