Jump to content
Tuts 4 You

reversing industrial malwares


Recommended Posts

@Nieo you beat me in speed :D

This scenario can change from target to target there is not a set of predefined tools.

The approach is the same that you will use to reverse a normal software with the difference that in the most of the case before do dinamic analysis you will perform static analysis.

This will be basic steps to how to proceed to perform static and dinamic analysis safely:
- Use Vmware or similar product (Virtualbox) to creare a virtual machine system and make a backup of it
- Copy the malware inside the virtual machine created in zip or rar format
- Isolate the machine from the pc host and internet

Tools may vary based on target but a general kit will be that:
- Disassemblers (IDA Pro)
- Debugger (Windbg, OllyDbg or IDA again)
- System monitor utilities (ProcessMonitor, ProcDOT, ProcessExplorer...)
- Network analysis (Wireshark, Fiddler)
- Register monitor (Regmon, Regshot)

That is an intro list. You will increare your tools weapon every time you encounter a new needs.

Hope it helps. ;)

Edited by crystalboy
  • Like 4
Link to comment
Share on other sites

Thank you for your response
I've worked with Windows malware
But now I want to know to analyze security threats that exist in SCADA systems what special tools are needed?


Link to comment
Share on other sites

SCADA is Macro Concept..

You supposed to know Linux because most of Tools u find for Security & Penetration Testing is Linux based..

Here Few Basic Stuff to setup Right Right Environment & Kick Start..



PS:- There is no Particular Set of Tools.. Its all depend's upon ur Need :) 

Edited by Nieo
  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...