Home | Software | About | Contact | Blog
| Software | Description | Download | Screenshot | |
| PortMonitor(Alpha) |
is a application's network monitor. It will monitor a list of process using the network, include port monitor and network sniffer which using winpcap. The different between this and other sniffer like wireshark is PortMonitor monitor the network port and map the port to the application and the data it communicate. This application can be use to monitor network activities of an application such as malware. SHA1 Checksum: d1cffd706971b6aae72d320ab164ff27a2affd67 |
PortMonitor.zip | Screenshot | |
| DirectorySnapshot(Alpha) | is a hash application where it allow the user to take hash (MD5, SHA1, SHA256) of all files in all the listed directory. The application also make a comparation of current system with a specific snapshot. This application can be use to detect if any file in any directory change after a malware is executed. MD5 Checksum: fe9ac14e9b7524fa76e5edfd2752534d SHA1 Checksum: fe9ac14e9b7524fa76e5edfd2752534d |
DirectorySnapshot.rar Alpha | Screenshot | |
| Web Get | is a small script used to view a url with custom header. The reason for me to develop this script is to analyze phish site that infect the user's host system. There are a few malware out there targeting banks by infect the user's host file. Once the user is infected, when the user try to access the bank website, the user get redirect to the phish site. Since the phish site check the host field in the GET's header, analyzer can't access the phish site without modify their host file or run a custom GET. This script allow analyzer to perform the custom GET. |
Link |
