Hi all experts,
I want to know what tools are used to analyze industrial malware :dunno:

@Nieo you beat me in speed :D

This scenario can change from target to target; there is not a set of predefined tools.

The approach is the same one you would use to reverse normal software, with the difference that in most cases you will perform static analysis before doing dynamic analysis.

These are the basic steps to perform static and dynamic analysis safely:
- Use VMware or a similar product (VirtualBox) to create a virtual machine and make a backup of it
- Copy the malware into the virtual machine in zip or rar format
- Isolate the machine from the host PC and the internet

Tools may vary based on the target, but a general kit would be:
- Disassemblers (IDA Pro)
- Debuggers (WinDbg, OllyDbg or IDA again)
- System monitor utilities (Process Monitor, ProcDOT, Process Explorer...)
- Network analysis (Wireshark, Fiddler)
- Registry monitors (Regmon, Regshot)

That is an intro list. You will grow your arsenal of tools every time you encounter a new need.

Hope it helps. ;)

Edited by crystalboy

  • Author

Thank you for your response.
I've worked with Windows malware,
but now I want to know: what special tools are needed to analyze security threats that exist in SCADA systems?

 

I have no experience with what you ask, I am sorry.

Maybe someone else can give their opinion, but I found an article that can give you an idea of what you need; you can find it here:

http://resources.infosecinstitute.com/improving-scada-system-security/

Hope it helps ;)

SCADA is a macro concept..

You are supposed to know Linux because most of the tools you find for security & penetration testing are Linux-based..

Here is some basic stuff to set up the right environment & kick-start..

https://www.scadahacker.com/tools.html
http://seclists.org/fulldisclosure/2013/Jan/157
http://www.digitalbond.com/tools/scada-honeynet/downloads/
http://sectools.org/
http://blog.securityonion.net/
http://scadastrangelove.blogspot.com/2013/01/s7brut.html

 

PS: There is no particular set of tools.. It all depends upon your need :)

Edited by Nieo

  • Author

Thank you both
