Join Us!

Malicious software ...
 
Notifications
Clear all

Malicious software tools  

  RSS
MikeA
(@mikea)
New Member

I've read a number of posts in the forums that refer to looking for the presence of rootkits, malware etc on a target system but I am interested in looking at it from the other perspective. i.e. the examination of a system that may have been used to deploy such software. What types of programs, tools, utilities etc would one expect to find on a machine that may have been used to gain unauthorised access to another system or to deploy malicious software etc etc

Thanks

Mike

Quote
Posted : 04/01/2008 3:09 pm
keydet89
(@keydet89)
Community Legend

What types of programs, tools, utilities etc would one expect to find on a machine that may have been used to gain unauthorised access to another system or to deploy malicious software etc etc

Well, for one, you might expect to find the malicious software. Therefore, your approach would likely be pretty much the same, with the exception that you wouldn't expect a system used to deploy a rootkit to be infected by that rootkit.

Depending upon the approach used to compromise the remote system, you may also expect to see toolkits…bunches of admin tools, maybe even toolkits that allow you to create malware at the push of a button.

ReplyQuote
Posted : 04/01/2008 3:53 pm
Share: