Malware Analysis Tools YOU COULD USE
Ғылым және технология
Malware analysis tools for 2024: I look at some up and coming malware analysis tools everyone can use like Triage, Capa and ActivityView. Whether you want to do system forensics or binary reverse engineering, you'll find one of these quite useful. Get NordVPN (discounted) : nordvpn.com/tpsc (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact
Пікірлер: 124
Bro I was looking for something exactly like last activity view today and couple hours later this video shows in my recommended. Thank you!
Excellent upload 🎉 Thank for your work 👍🏾
thank you bro I was waiting so long for this
I wish there was a website that just said what the virus did (steal passwords, lock you out of your computer, etc) instead of a bunch of random codes and saying "yeah, this is bad, but we're not gonna say why this is bad"
@SmilerRyanYT
4 ай бұрын
Technically chatgpt might be able to do that now. I know I use AnyRun often and that has an option to summarise the whole thing.
@ChrisM541
4 ай бұрын
False positives/negatives. This kind of analysis is similar to going to your doctor to get a diagnosis done on a health problem...it's very uncommon for a single test to conclusively point you to the answer. In PC forensic analysis you need to use multiple tools - and have a the correct level of skill yourself - in order to get to the bottom of any problem. A simple virus scanner needs a database of known 'signatures', and even then, they can still return false positives. You can reduce risk by following good practice, but you can never reduce that to zero, unfortunately. Even many closed systems are not risk-free.
@prof.poopypants8671
4 ай бұрын
Every security analyst wishes the exact same thing. Unfortunately, the reality is that a lot of malware performs activities on the system that are indistinguishable from user behavior (which can vary a LOT, depending on the user) or legitimate system processes. This makes it nearly impossible to provide a simple, concise, clear-cut answer in an automated way.
@Jordan-xy9hs
4 ай бұрын
tell me how that would work, genius.
@superbaggio87
4 ай бұрын
facts bruh
Yooo this is an amazing example of enhancing the global security posture by educating. Thank you for this set!
Nir Soft freeware system tools are great! Been using them a long time.
I have learnt a lot from you and will be learning more in the future. Thank you!
@akureiokamii
4 ай бұрын
Thank you! Do not redeem good sarr!
wow awesome tools thanks for knowledge sharing for security knowledge is there any equal siem tool available in the market ?
My main Working Station is Virtual Machine. I refuse to do my activity on Bare Metal. VM is easy to deal if there is something went wrong. You can just Snapshot it or delete entirely and install a fresh one.
@wannabedal-adx458
4 ай бұрын
That is actually a great idea. So the snapshot has all of your applications previously configured to it, right? and then how do you move or work with you data in and out of the VM? Meaning how do you keep it secure if it is sitting on a NAS or a USB flash drive (that you don't share)? Thanks.
@user-jm8sy5ox2j
4 ай бұрын
Using a VM 24/7 is great if you don't mind the massive performance penalty for doing it. If you want to do any kind of video editing, gaming, data processing, etc type of tasks then you'll extend the runtime by at least 2x if you run it in a VM instead of bare metal
@HikaruAkitsuki
4 ай бұрын
@@user-jm8sy5ox2j Yea, there is indeed must on BM. But if you do research and gonna enter on a random website, it should be on VM.
I like your vids. Quite often it’s over my head. I would like to learn how as a beginner of trying to protect my pc from outside hacks. What do you suggest how I get started? Do you have a video on how to start out? Tyvm.
Some tools I use are Capa, bstrings, procmon, pestudio, and running things on inetsim
Great video! Thank you!
please make a video about famous software used in forensic
Imagine one day you sent a sample that could breach through the Sandbox environment. 🤔
Your channel is a god send
Wow ! new for me, thanks !
Ahh yess, this is a great video. But TPS, how do we know what is a walware or what executable is a malware?
Amazing video thank you
Good to know !!!
Nice!! Where can I get it?
1:26 What do you use for iCloud Drive and Photos right in the explorer, please?
PC Guy, is what canta is doing what cloud scanners do when you submit samples to them?
My friend got his many accs stolen somehow, instagram shows no logs of ips while steam showed morocco. So, we think its his google chrome cookies and possibly account (but no session exists outside his own devices as we checked), not passwords though?, but maybe the pc itself was controlled? So anyway, since he cant format rn, we had to just use many tools you mentioned. We dont know if this is enough. Do you think we should do anything extra?
do you have anything for remote access tool analysis??
👍Thanks.
Super cool!
hmm what about something like that online automated sandbox but offline?
Hello, how to analyze dll file. with cape... Example: Some software basically has nothing until they download a DLL file to perform their task.
It would be very helpful if you posted the official links to the software you present across your videos. There are also lots of duplicates from other sources.
This dude called the security channel is seriously plugging nord
Do we have any ransomware Stop djvu online ID solutions ?
Any thing too help recover off lost data on android
how to acces triage vms?
How do we know if our computer is infected with malware stealer which is 100% FUD?
Cool
🔥
Win 11 Home or Pro? :)
Мan, provide the links you show!
@SM-1010
4 ай бұрын
He can b extremely bland
Can you please scan crack game made by empress group because the emp.dl is detected by windows defender and i dont know if its safe or not
Any.run and intizer
Off topic - I have had Comodo Antivirus installed for about 3 years and I want to uninstall it because it's taking up too much disc space. However, I read from a few different people that it's very hard to uninstall and it could also cause your system to start acting up because of residual files it leaves on your system after uninstalling it. Now I'm kind of wary to uninstall it. Is there any truth to what they are saying, or is there some sort of certain way to uninstall it so it doesn't cause problems? Please help...?
@HamedEmine
4 ай бұрын
Bulk Crap Uninstaller (in short BCUninstaller or BCU) is very effective with "residual files", you might want to give it a try!
@marcfabricatore1506
4 ай бұрын
Reinstall Windows
@marcfabricatore1506
4 ай бұрын
@@absolutemadchad8637 Sometimes not even the Uninstaller from the company’s work which is why I recommended reinstalling
@aBc-123-XyZ
4 ай бұрын
Try to remove the program in safe mode.
@duplicake4054
4 ай бұрын
Just use the built-in uninstall tool. Go to add or remove programs > comodo > uninstall. I don't recommend uninstalling it though because it's really good.
Anyone know why I can't see youtubers profile pics on the home page, BUT it goes back to normal when I switch accounts?
Running Malware analysis tool into a Malware
How can I trust you with that choice of sponsor and you don't bother to link the software and websites you talk about in the description?
Can i get infected from seeing the live sandbox and get it on my main pc.
@amniositynew
3 күн бұрын
no
Nice🥰
If it contains a cryptominer, wouldn't they want it uploaded to a VM like this with a lot of hardware and ran? Seems like you're doing them a favor by running it at all.
@jackjack3358
4 ай бұрын
If you think a crappy a few gigs RAM VM is capable of mining anything at all i have bad news to you, and VMs get generated and destroyed after each run so it can't do anything even if it was capable of mining
@user-jm8sy5ox2j
4 ай бұрын
No, a VM is worst case scenario for any kind of malware attacker because generally you destroy the VM entirely after using it. A VM is typically sandboxed too so the malware has no chance to spread itself before the VM is destroyed too
Scamio by BitDefender?
@MTGeomancer
4 ай бұрын
I just copied and pasted a link from a phishing email in my spam folder to Scamio. It said there was nothing suspicious and probably not a scam. I wouldn't trust it, at all.
Were those bullets
I recommend any.run and joe’s sandbox as well
Leo
Mandient is owned by Google
HEY, HOW ABOUT LINKS TO THESE TOOLS? 🤔
Madiant account were hacked on twitter xD
don't forget virus total
Process Monitor but worse.
You got sponsored by the scummy Nord, but hopefully the viewers know that the VPN is bad
He has very good info but the vpn bullshit is annoying, I get that for a channel that is about cybersec there aren't many sponsor options but cmon a vpn doesn't do anything...encryption this encryption that literally every site is "peer to peer encrypted" or whatever their buzzword is it has never stopped anyone from doing anything ever...great advice but I see vpn ads everywhere and it's just disheartening
There are only 2 viruses in Windows, one is Edge and the other is Defender, no matter how much you delete and block them, they download and install themselves without asking anything. 🤣
but any of these tools can anylize a simple encrypted .luac file...
i used this tool for manipulating my frnds not in bad way ... installed on his laptop 🤣🤣 7 years back 1st tool
🗿
Leoo
1 st comment
1 comment
Leo :)
15 hackers have seen this video so far... lol 👎
if your looking at a executable then the tool of choice is ghidra. you can also use ida pro if on windows or reflector. if your looking at network activity then wireshark works fine. i am disappointed at the videos lack of technical ability and this is coming from someone who has very basic computer ability skills 2/10 lol.
You don't need a third-party antivirus. It is far more important to update your PC & browser. This is your first line of defence. Windows security is all you need. You don't need none of this shit!
BOO nord vpn 👎👎👎
any.run
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo
Leo