Malware Forensics

ZecOps

ZecOps is a cutting-edge Mobile XDR & DFIR solution for iOS & Android. Perform automated investigations in minutes to uncover cyber-espionage on smartphones and tablets. It is the only available tool that provides the capability to extract, deliver, and analyze mobile device logs for signs of compromise or malicious activity. During this process it gathers only what is needed to perform a security investigation and transforms device logs into actionable intelligence by discovering disruptive attacks that would otherwise go unnoticed.

IDA Pro

A state-of-the-art binary code analysis tool from Hex-Rays. IDA Pro can analyze binary code that was collected during forensic investigation. It can handle virtually any code that runs on modern processors, and its functionality can be extended with custom scripts and plugins. This makes it especially useful when analyzing heavily obfuscated code. IDA has been relentlessly battle-tested in the field against real-world malware, which has made it the tool of choice for many CERT organizations.

Gargoyle Investigator MP

A DFIR Tool for Advanced Malware Detection. Gargoyle MP is the next generation of WetStone’s advanced malware discovery solution for computer forensic investigators and incident response teams. It is designed for forensic laboratories, law enforcement, field investigators, advanced private investigators, and enterprise cyber security personnel. Gargoyle performs a rapid search for malicious applications and provides significant clues regarding the activities, motives and intent of a suspect. Gargoyle MP is designed to simplify breach and malware triage investigation and incident response activities. Gargoyle MP enables users to perform a rapid search for known contraband, hostile programs and lost or leaked corporate assets.

Cerberus

Data breaches are increasing. When malware and viruses hit your organization, you risk downtime or even reputation damage while you work to fix the breach. Even if you have an incident response plan, adding the right software can help you identify compromises faster. Cerberus is an automated malware triage platform solution designed to easily integrate with FTK®, empowering organizations to proactively identify compromised systems. It’s a first layer of defense against the risk of imaging unknown devices and allows you to identify infected files and avoid exporting them after processing your data.