Malware Analysis Tools YOU COULD USE

Рет қаралды 70,774

Күн бұрын

Пікірлер: 138

@Orblets Жыл бұрын

Bro I was looking for something exactly like last activity view today and couple hours later this video shows in my recommended. Thank you!

@HoshangGovil Жыл бұрын

I have learnt a lot from you and will be learning more in the future. Thank you!

@randomplantsandstuff Жыл бұрын

Thank you! Do not redeem good sarr!

@Q-432hz Жыл бұрын

Excellent upload 🎉 Thank for your work 👍🏾

@FurryNonsense Жыл бұрын

I wish there was a website that just said what the virus did (steal passwords, lock you out of your computer, etc) instead of a bunch of random codes and saying "yeah, this is bad, but we're not gonna say why this is bad"

@SmilerRyanYT Жыл бұрын

Technically chatgpt might be able to do that now. I know I use AnyRun often and that has an option to summarise the whole thing.

@ChrisM541 Жыл бұрын

False positives/negatives. This kind of analysis is similar to going to your doctor to get a diagnosis done on a health problem...it's very uncommon for a single test to conclusively point you to the answer. In PC forensic analysis you need to use multiple tools - and have a the correct level of skill yourself - in order to get to the bottom of any problem. A simple virus scanner needs a database of known 'signatures', and even then, they can still return false positives. You can reduce risk by following good practice, but you can never reduce that to zero, unfortunately. Even many closed systems are not risk-free.

@prof.poopypants8671 Жыл бұрын

Every security analyst wishes the exact same thing. Unfortunately, the reality is that a lot of malware performs activities on the system that are indistinguishable from user behavior (which can vary a LOT, depending on the user) or legitimate system processes. This makes it nearly impossible to provide a simple, concise, clear-cut answer in an automated way.

@Jordan-xy9hs Жыл бұрын

tell me how that would work, genius.

@superbaggio87 Жыл бұрын

facts bruh

@alexxx4434 Жыл бұрын

Nir Soft freeware system tools are great! Been using them a long time.

@Wahinies Жыл бұрын

Yooo this is an amazing example of enhancing the global security posture by educating. Thank you for this set!

@GeorgeG-is6ov Жыл бұрын

thank you bro I was waiting so long for this

@HikaruAkitsuki Жыл бұрын

My main Working Station is Virtual Machine. I refuse to do my activity on Bare Metal. VM is easy to deal if there is something went wrong. You can just Snapshot it or delete entirely and install a fresh one.

@wannabedal-adx458 Жыл бұрын

That is actually a great idea. So the snapshot has all of your applications previously configured to it, right? and then how do you move or work with you data in and out of the VM? Meaning how do you keep it secure if it is sitting on a NAS or a USB flash drive (that you don't share)? Thanks.

@user-jm8sy5ox2j Жыл бұрын

Using a VM 24/7 is great if you don't mind the massive performance penalty for doing it. If you want to do any kind of video editing, gaming, data processing, etc type of tasks then you'll extend the runtime by at least 2x if you run it in a VM instead of bare metal

@HikaruAkitsuki Жыл бұрын

@@user-jm8sy5ox2j Yea, there is indeed must on BM. But if you do research and gonna enter on a random website, it should be on VM.

@balajisharathkumar9753 Жыл бұрын

wow awesome tools thanks for knowledge sharing for security knowledge is there any equal siem tool available in the market ?

@wolfbrave4866 Жыл бұрын

Imagine one day you sent a sample that could breach through the Sandbox environment. 🤔

@bobwyde4026 Жыл бұрын

Your channel is a god send

@DdragonGun001 10 ай бұрын

Some tools I use are Capa, bstrings, procmon, pestudio, and running things on inetsim

@samfisher5302 11 ай бұрын

Great video! Thank you!

@michaell7877 Жыл бұрын

I like your vids. Quite often it’s over my head. I would like to learn how as a beginner of trying to protect my pc from outside hacks. What do you suggest how I get started? Do you have a video on how to start out? Tyvm.

@Gord_9000 Жыл бұрын

Ahh yess, this is a great video. But TPS, how do we know what is a walware or what executable is a malware?

@a7xnexus Жыл бұрын

please make a video about famous software used in forensic

@Thedude897 Жыл бұрын

This dude called the security channel is seriously plugging nord

@Snygging81 11 ай бұрын

Can i get infected from seeing the live sandbox and get it on my main pc.

@jesusivanguerrazaldivar8303 Жыл бұрын

Wow ! new for me, thanks !

@safetime100 2 ай бұрын

Amazing, thank you

@javagamesfanclub5650 2 ай бұрын

How do you setup your lab with internet access and everything every godam article and youtube video is saying to turn off internet which doesn't work if the application or malware requires an internet connection to download a payload or something

@hoteny Жыл бұрын

My friend got his many accs stolen somehow, instagram shows no logs of ips while steam showed morocco. So, we think its his google chrome cookies and possibly account (but no session exists outside his own devices as we checked), not passwords though?, but maybe the pc itself was controlled? So anyway, since he cant format rn, we had to just use many tools you mentioned. We dont know if this is enough. Do you think we should do anything extra?

@gamereditor59ner22 Жыл бұрын

Nice!! Where can I get it?

@Fortexik Жыл бұрын

1:26 What do you use for iCloud Drive and Photos right in the explorer, please?

@ImSimplyDavid 14 күн бұрын

what?

@WilfredoCayabyab 8 ай бұрын

do you have anything for remote access tool analysis??

@shadowstorm657 Жыл бұрын

Amazing video thank you

@maketank 9 ай бұрын

It would be very helpful if you posted the official links to the software you present across your videos. There are also lots of duplicates from other sources.

@df4423 6 ай бұрын

do you need an enterprise license to use the api for recorded future triage

@ripleyhrgiger4669 Жыл бұрын

PC Guy, is what canta is doing what cloud scanners do when you submit samples to them?

@rutera24 Жыл бұрын

Мan, provide the links you show!

@SM-1010 Жыл бұрын

He can b extremely bland

@AgonTheFirst Жыл бұрын

Hello, how to analyze dll file. with cape... Example: Some software basically has nothing until they download a DLL file to perform their task.

@fernandohg225 Жыл бұрын

Good to know !!!

@mnageh-bo1mm Жыл бұрын

hmm what about something like that online automated sandbox but offline?

@HazzyDevil Жыл бұрын

I recommend any.run and joe’s sandbox as well

@lewiskelly14 Жыл бұрын

How can I trust you with that choice of sponsor and you don't bother to link the software and websites you talk about in the description?

@TheRoot2944 5 ай бұрын

Have you ever uses CAINE OS ?

@tienatnguyen3412 Жыл бұрын

Do we have any ransomware Stop djvu online ID solutions ?

@azizgoi2066 Жыл бұрын

How do we know if our computer is infected with malware stealer which is 100% FUD?

@TruthNTime Жыл бұрын

Off topic - I have had Comodo Antivirus installed for about 3 years and I want to uninstall it because it's taking up too much disc space. However, I read from a few different people that it's very hard to uninstall and it could also cause your system to start acting up because of residual files it leaves on your system after uninstalling it. Now I'm kind of wary to uninstall it. Is there any truth to what they are saying, or is there some sort of certain way to uninstall it so it doesn't cause problems? Please help...?

@HamedEmine Жыл бұрын

Bulk Crap Uninstaller (in short BCUninstaller or BCU) is very effective with "residual files", you might want to give it a try!

@marcfabricatore1506 Жыл бұрын

Reinstall Windows

@marcfabricatore1506 Жыл бұрын

@absolutemadchad8637 Sometimes not even the Uninstaller from the company’s work which is why I recommended reinstalling

@aBc-123-XyZ Жыл бұрын

Try to remove the program in safe mode.

@duplicake4054 Жыл бұрын

Just use the built-in uninstall tool. Go to add or remove programs > comodo > uninstall. I don't recommend uninstalling it though because it's really good.

@moormoor4281 Жыл бұрын

Any thing too help recover off lost data on android

@jerrychen8138 7 ай бұрын

Windows defender immediatly blocked capa. I'm not very good at programming or code yet so i can't really understand what the file does. can somebody tell me if this is safe?

@AlexAlex-869 11 ай бұрын

Super cool!

@guilherme5094 Жыл бұрын

👍Thanks.

@lussor1 Жыл бұрын

You got sponsored by the scummy Nord, but hopefully the viewers know that the VPN is bad

@Agony. Жыл бұрын

Anyone know why I can't see youtubers profile pics on the home page, BUT it goes back to normal when I switch accounts?

@d3monCyborg 9 ай бұрын

Can you please scan crack game made by empress group because the emp.dl is detected by windows defender and i dont know if its safe or not

@forgotten0111 4 ай бұрын

its been 4 days and triage still hasnt sent me my activation link

@percent4188 2 ай бұрын

same

@idk-rl4he Ай бұрын

Bro how do i use triage??

@gir489returns2 Жыл бұрын

If it contains a cryptominer, wouldn't they want it uploaded to a VM like this with a lot of hardware and ran? Seems like you're doing them a favor by running it at all.

@jackjack3358 Жыл бұрын

If you think a crappy a few gigs RAM VM is capable of mining anything at all i have bad news to you, and VMs get generated and destroyed after each run so it can't do anything even if it was capable of mining

@user-jm8sy5ox2j Жыл бұрын

No, a VM is worst case scenario for any kind of malware attacker because generally you destroy the VM entirely after using it. A VM is typically sandboxed too so the malware has no chance to spread itself before the VM is destroyed too

@projectzsavage 10 ай бұрын

how to acces triage vms?

@Wiktorus9630 Ай бұрын

trainge no activation code what happening

@niamotullah99 Жыл бұрын

Running Malware analysis tool into a Malware

@kkekang7 Жыл бұрын

Scamio by BitDefender?

@MTGeomancer Жыл бұрын

I just copied and pasted a link from a phishing email in my spam folder to Scamio. It said there was nothing suspicious and probably not a scam. I wouldn't trust it, at all.

@hakusu Жыл бұрын

Win 11 Home or Pro? :)

@lolcorporation7308 Жыл бұрын

Any.run and intizer

@Skul1ybe Жыл бұрын

Cool

@ARabdurrahmanar Жыл бұрын

Nice🥰

@lewangandrover6441 Жыл бұрын

🔥

@adamion1993 Жыл бұрын

He has very good info but the vpn bullshit is annoying, I get that for a channel that is about cybersec there aren't many sponsor options but cmon a vpn doesn't do anything...encryption this encryption that literally every site is "peer to peer encrypted" or whatever their buzzword is it has never stopped anyone from doing anything ever...great advice but I see vpn ads everywhere and it's just disheartening

@CSX9191 3 ай бұрын

triage is the goat

@KonuralpBalcik Жыл бұрын

There are only 2 viruses in Windows, one is Edge and the other is Defender, no matter how much you delete and block them, they download and install themselves without asking anything. 🤣

@onegenius6390 Жыл бұрын

HEY, HOW ABOUT LINKS TO THESE TOOLS? 🤔

@dismalbreadmaps Жыл бұрын

Mandient is owned by Google

@RK-ly5qj Жыл бұрын

Madiant account were hacked on twitter xD

@kent_calvin Жыл бұрын

Were those bullets

@truefeelings7 Жыл бұрын

i used this tool for manipulating my frnds not in bad way ... installed on his laptop 🤣🤣 7 years back 1st tool

@freezeadq8748 11 ай бұрын

but any of these tools can anylize a simple encrypted .luac file...

@jvlmyt 5 ай бұрын

NICE RAT YOU GOT THEIR

@Epic-so3ek 8 ай бұрын

BOO nord vpn 👎👎👎

@robloxfan4271 Жыл бұрын

don't forget virus total

@godbacchus Жыл бұрын

15 hackers have seen this video so far... lol 👎

@gta5anti-griefer882 Жыл бұрын

🗿

@Nick41622 Жыл бұрын

You don't need a third-party antivirus. It is far more important to update your PC & browser. This is your first line of defence. Windows security is all you need. You don't need none of this shit!

@unguidedone Жыл бұрын

if your looking at a executable then the tool of choice is ghidra. you can also use ida pro if on windows or reflector. if your looking at network activity then wireshark works fine. i am disappointed at the videos lack of technical ability and this is coming from someone who has very basic computer ability skills 2/10 lol.