Jump to content
Nytro

ProcDOT

By Nytro, in Programe securitate

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

There are plenty of tools for behavioral malware analysis. The defacto standard ones, though, are Sysinternals’s Process Monitor (also known as Procmon) and PCAP generating network sniffers like Windump, Tcpdump, Wireshark, and the like.

These “two” tools cover almost everything a malware analyst might be interested in when doing behavioral malware analysis.But there’s a major problem with these tools. Any of them works in a so to say separated or isolated way, not knowing anything from each other. Hence it’s kinda hard to get accordingly recorded activities together in one piece or picture. That’s where ProcDOT enters the stage. It fills this actual gap by merging those records together.

But ProcDOT does much more. It turns those thousands of monitored activities into a big behavioral picture - actually a graph - which can be interactively explored making behavioral malware analysis as efficient as you it never was before.In this terms ProcDOT enables you to ...

Get an overall guts feeling for an entire situation within a glance,

Spot relevant parts and understand the correlation between them in minutes

Sursa: ProcDOT's Home

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...