A tool for generating byte-usage histograms for all types of files, with a special focus on binary executables in PE format (Windows).

This tool calculates density (like entropy) for the files under any file-system path and outputs
the results as a list in correspondingly descending order. This makes it possible to quickly find (even unknown) malware on
a potentially infected machine running Microsoft Windows. ...

Minibis
Software and tips to easily build up an automated malware analysis station based on a concept introduced in the paper
"Mass Malware Analysis: A Do-It-Yourself Kit".

This tool processes Sysinternals Process Monitor (Procmon) log files and PCAP logs (Windump, Tcpdump) to generate a graph via the GraphViz suite.
This graph visualizes any relevant activities (customizable) and can be interactively analyzed.