Information Security Toolkit
Page: Under construction
Here is a collection of my favorite InfoSec Tools, following tools are often used for penetration testing and digital forensics. As such, they may be categorised as hack tools, unwanted programs, or even malware by certain security programs. Please note that these tools do not perform any function other than what is detailed in their descriptions and do not contain malware.
SunPEView - is a little the PE file viewer to Investigate of PE32 & PE64 files is. It further supports Hexeditor view, file location calculator and a hex-dec-bin converter. Shows detailed information of each PE field, including file offset and field size as well as description. Encoding of flags / enumeration members ...
EXE Explorer v220.127.116.11
Explorer the EXE - the this application is based on the Portable Executable Reader is MiTeC. It reads and displays executable file properties and structure. It is compatible with PE32, PE32 + (64bit), NE (Windows 3.x New Executable) and VxD (Windows 9x Virtual Device Driver) file types. .NET Executables are supported too.
McAfee GetSusp is intended for users who suspect undetected malware on their computer. GetSusp eliminates the need for deep technical knowledge of computer systems to isolate undetected malware. It does this by using a combination of heuristics and querying the McAfee Global Threat Intelligence (GTI) File Reputation database to gather suspicious files.
GetSusp is recommended as a first tool of choice when analyzing a suspect computer. However, one must follow the existing McAfee support process for escalating suspicious files it finds.
The build below is for McAfee ePO administrators.
Ransomware Interceptor (Pilot)
Ransomware malware has evolved to be a tremendous threat over the last few years. Such malware will install on your system, encrypt or damage data on your system in a way that in many cases is irrecoverable unless you have a decryption key. Consumers may have to pay the malware authors hefty amounts of money (varies from a few 100 to a 1000 USD) to obtain the recovery key. Failure to do so typically results in permanent loss of data.
Interceptor is an Anti-Ransomware tool. Interceptor is an early detection tool that prevents file encryption attempts by ransomware malware. This tool leverages heuristics and machine learning to identify such malware.
For questions, comments, and inquiries regarding this software please visit our community page.
Real Protect (BETA)
Real Protect is a real-time behavior detection technology that monitors suspicious activity on an endpoint. Real Protect leverages machine learning and automated, behavioral-based classification in the cloud to detect zero-day malware in real time.
Real Protect is available as a free tool and is also bundled with Stinger. McAfee plans to incorporate Real Protect into future anti-malware products.