|
(Page 1 of 1) Category: Rootkits IPPON Added 2009-08-21 This tool uses several techniques of update-exploitation attacks which leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session OSSEC HIDS Added 2008-11-18 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. OSSEC HIDS Added 2008-08-29 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Training in a Flash Malware Protection Added 2007-04-18 A free, 3 minute Flash Program to train enterprise users on malware attacks and how to avoid them. LINReS Added 2006-08-07 LINReS is a Live Response script designed to run on suspect/compromised Linux systems system with a minimal impact on the system to satisfy various forensic standards requirements. This script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists of mostly statically compiled binaries and includes the various shared libraries that may be required to run the binaries (which are not statically compiled). All in all, no binary from the compromised system is used by this tool which mitigates the risk of collecting information on a trojaned system. Helios Added 2006-07-14 Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation. DarkSpy Anti-Rootkit Added 2006-06-06 DarkSpy(Freeware) Anti-Rookit is a powerful tool for rootkit detection. DarkSpy is a multiway-based detection tool . It internally combines many effective detection techniques, including DarkSpy's own handlers and also methods used by other famous tools. DarkSpy 1.0.5 new features: Enhanced Process/Driver Module detection. Fixed some problems working with other security software(Karspersky...etc). Enhanced process force terminate functionality. Start to support multi-cpu and hyperthread. Registry functionality added. Help document added. Use it at your own risk. DarkSpy Anti-Rootkit Added 2006-04-20 DarkSpy Anti-Rootkit V1.0.2 Test Version(Freeware) DarkSpy Introduction: DarkSpy is a new rootkit detection tool from China. It's coded by two guys : CardMagic & wowocock,and support some new features that can make the detection more effective. DarkSpy is consisted of five parts: 1.Process: Detect hidden process(even hide with FUTo...) Force kill process(even Icesword) 2.Kernel Module: Detect hidden kernel module(even hide with FUTo...) 3.File: Detect hidden files Force copy file Force delete file 4.Registry function is not provided in test version. 5.Port: Detect hidden ports (Notice: DarkSpy don't allow any kernel debugger to run!) Environment supported by test version: 32bit Windows 2000(SP4 and later) 32bit Windows XP 32bit WIndows 2003 Single CPU without hyperthread Try it at your own risk....:) If you find any bugs,please contact me via my email: sunmy1@sina.com Thanks! Browse by category |
|
|
Privacy Statement |
