Malware Analysis and Viruses Scanner Tools
.png "PeStudio") PeStudio Malware analysis tool which investigages the resources of EXE files | .jpeg "Process Hacker") Process Hacker Graphs and statistics allow you quickly to track down resource hogs and runaway processes. |
.png "VirusTotal") VirusTotal submitting data above, you are agreeing to our Terms of Service and Privacy Notice, and to the sharing of your Sample submission with the security community. | .png "Kaspersky Threat Intelligence Portal") Kaspersky Threat Portal Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and web addresses for threats, malware, viruses. |
.png "ProcDot") ProcDot There are plenty of tools for behavioral malware analysis. The defacto standard ones, though, are Sysinternals’s Process Monitor (also known as Procmon) and PCAP generating network sniffers like Windump, Tcpdump, Wireshark, and the like. These “two” tools cover almost everything a malware analyst might be interested in when doing behavioral malware analysis | .png "Ghidra Software Reverse Engineering Framework") Ghidra Software Reverse Engineering Framework Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra extension components and/or scripts using Java or Python. |
 Radare2 r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. Distributed mostly under LGPLv3, each plugin can have different licenses (see r2 -L, rasm2 -L, ...). The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a featureful low-level command-line tool with support for scripting. r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb server. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary. | .jpeg "Wireshark") Wireshark Wireshark is the world’s foremost and widely-used network protocol analyzer. |
.png)
