Malware Analysis Tools YOU COULD USE
HTML-код
- Опубликовано: 2 июн 2024
- Malware analysis tools for 2024: I look at some up and coming malware analysis tools everyone can use like Triage, Capa and ActivityView. Whether you want to do system forensics or binary reverse engineering, you'll find one of these quite useful. Get NordVPN (discounted) : nordvpn.com/tpsc (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact 
Наука
Bro I was looking for something exactly like last activity view today and couple hours later this video shows in my recommended. Thank you!
Excellent upload 🎉 Thank for your work 👍🏾
thank you bro I was waiting so long for this
Yooo this is an amazing example of enhancing the global security posture by educating. Thank you for this set!
Nir Soft freeware system tools are great! Been using them a long time.
wow awesome tools thanks for knowledge sharing for security knowledge is there any equal siem tool available in the market ?
I have learnt a lot from you and will be learning more in the future.
Thank you!
Thank you! Do not redeem good sarr!
Great video! Thank you!
Your channel is a god send
Some tools I use are Capa, bstrings, procmon, pestudio, and running things on inetsim
My main Working Station is Virtual Machine. I refuse to do my activity on Bare Metal. VM is easy to deal if there is something went wrong. You can just Snapshot it or delete entirely and install a fresh one.
That is actually a great idea. So the snapshot has all of your applications previously configured to it, right? and then how do you move or work with you data in and out of the VM? Meaning how do you keep it secure if it is sitting on a NAS or a USB flash drive (that you don't share)? Thanks.
Using a VM 24/7 is great if you don't mind the massive performance penalty for doing it. If you want to do any kind of video editing, gaming, data processing, etc type of tasks then you'll extend the runtime by at least 2x if you run it in a VM instead of bare metal
@@user-jm8sy5ox2j Yea, there is indeed must on BM.
But if you do research and gonna enter on a random website, it should be on VM.
I like your vids. Quite often it’s over my head. I would like to learn how as a beginner of trying to protect my pc from outside hacks. What do you suggest how I get started? Do you have a video on how to start out? Tyvm.
I wish there was a website that just said what the virus did (steal passwords, lock you out of your computer, etc) instead of a bunch of random codes and saying "yeah, this is bad, but we're not gonna say why this is bad"
Technically chatgpt might be able to do that now. I know I use AnyRun often and that has an option to summarise the whole thing.
False positives/negatives. This kind of analysis is similar to going to your doctor to get a diagnosis done on a health problem...it's very uncommon for a single test to conclusively point you to the answer. In PC forensic analysis you need to use multiple tools - and have a the correct level of skill yourself - in order to get to the bottom of any problem. A simple virus scanner needs a database of known 'signatures', and even then, they can still return false positives.
You can reduce risk by following good practice, but you can never reduce that to zero, unfortunately. Even many closed systems are not risk-free.
Every security analyst wishes the exact same thing. Unfortunately, the reality is that a lot of malware performs activities on the system that are indistinguishable from user behavior (which can vary a LOT, depending on the user) or legitimate system processes. This makes it nearly impossible to provide a simple, concise, clear-cut answer in an automated way.
tell me how that would work, genius.
facts bruh
Wow ! new for me, thanks !
please make a video about famous software used in forensic
Ahh yess, this is a great video. But TPS, how do we know what is a walware or what executable is a malware?
Amazing video thank you
PC Guy, is what canta is doing what cloud scanners do when you submit samples to them?
1:26 What do you use for iCloud Drive and Photos right in the explorer, please?
Imagine one day you sent a sample that could breach through the Sandbox environment. 🤔
My friend got his many accs stolen somehow, instagram shows no logs of ips while steam showed morocco. So, we think its his google chrome cookies and possibly account (but no session exists outside his own devices as we checked), not passwords though?, but maybe the pc itself was controlled? So anyway, since he cant format rn, we had to just use many tools you mentioned. We dont know if this is enough. Do you think we should do anything extra?
Nice!! Where can I get it?
Hello, how to analyze dll file. with cape... Example: Some software basically has nothing until they download a DLL file to perform their task.
Good to know !!!
Super cool!
do you have anything for remote access tool analysis??
hmm what about something like that online automated sandbox but offline?
👍Thanks.
It would be very helpful if you posted the official links to the software you present across your videos. There are also lots of duplicates from other sources.
Do we have any ransomware Stop djvu online ID solutions ?
Any thing too help recover off lost data on android
This dude called the security channel is seriously plugging nord
Anyone know why I can't see youtubers profile pics on the home page, BUT it goes back to normal when I switch accounts?
How do we know if our computer is infected with malware stealer which is 100% FUD?
Off topic - I have had Comodo Antivirus installed for about 3 years and I want to uninstall it because it's taking up too much
disc space. However, I read from a few different people that it's very hard to uninstall and it could also cause your system
to start acting up because of residual files it leaves on your system after uninstalling it. Now I'm kind of wary to uninstall it.
Is there any truth to what they are saying, or is there some sort of certain way to uninstall it so it doesn't cause problems?
Please help...?
Bulk Crap Uninstaller (in short BCUninstaller or BCU) is very effective with "residual files", you might want to give it a try!
Reinstall Windows
@@absolutemadchad8637 Sometimes not even the Uninstaller from the company’s work which is why I recommended reinstalling
Try to remove the program in safe mode.
Just use the built-in uninstall tool. Go to add or remove programs > comodo > uninstall. I don't recommend uninstalling it though because it's really good.
Can you please scan crack game made by empress group because the emp.dl is detected by windows defender and i dont know if its safe or not
how to acces triage vms?
Мan, provide the links you show!
He can b extremely bland
Cool
Can i get infected from seeing the live sandbox and get it on my main pc.
no
Win 11 Home or Pro? :)
How can I trust you with that choice of sponsor and you don't bother to link the software and websites you talk about in the description?
Any.run and intizer
Nice🥰
Running Malware analysis tool into a Malware
🔥
If it contains a cryptominer, wouldn't they want it uploaded to a VM like this with a lot of hardware and ran? Seems like you're doing them a favor by running it at all.
If you think a crappy a few gigs RAM VM is capable of mining anything at all i have bad news to you, and VMs get generated and destroyed after each run so it can't do anything even if it was capable of mining
No, a VM is worst case scenario for any kind of malware attacker because generally you destroy the VM entirely after using it. A VM is typically sandboxed too so the malware has no chance to spread itself before the VM is destroyed too
Scamio by BitDefender?
I just copied and pasted a link from a phishing email in my spam folder to Scamio. It said there was nothing suspicious and probably not a scam.
I wouldn't trust it, at all.
Leo
Were those bullets
Mandient is owned by Google
HEY, HOW ABOUT LINKS TO THESE TOOLS? 🤔
Madiant account were hacked on twitter xD
Process Monitor but worse.
I recommend any.run and joe’s sandbox as well
You got sponsored by the scummy Nord, but hopefully the viewers know that the VPN is bad
don't forget virus total
He has very good info but the vpn bullshit is annoying, I get that for a channel that is about cybersec there aren't many sponsor options but cmon a vpn doesn't do anything...encryption this encryption that literally every site is "peer to peer encrypted" or whatever their buzzword is it has never stopped anyone from doing anything ever...great advice but I see vpn ads everywhere and it's just disheartening
There are only 2 viruses in Windows, one is Edge and the other is Defender, no matter how much you delete and block them, they download and install themselves without asking anything. 🤣
i used this tool for manipulating my frnds not in bad way ... installed on his laptop 🤣🤣 7 years back 1st tool
🗿
Leoo
1 st comment
but any of these tools can anylize a simple encrypted .luac file...
1 comment
Leo :)
You don't need a third-party antivirus. It is far more important to update your PC & browser. This is your first line of defence. Windows security is all you need. You don't need none of this shit!
15 hackers have seen this video so far... lol 👎
if your looking at a executable then the tool of choice is ghidra. you can also use ida pro if on windows or reflector. if your looking at network activity then wireshark works fine.
i am disappointed at the videos lack of technical ability and this is coming from someone who has very basic computer ability skills 2/10 lol.
BOO nord vpn 👎👎👎
any.run
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo