Malware Analysis tools, where art thou!?

Started by Stolas, September 15, 2012, 07:48:38 PM


Stolas

Hello,

I really like BackBox for incident response. It's a wonderful tool and I've loaded it on my pendrive for nearly daily use.
Though I am missing a few tools, especially for malware analysis. I do realise that BB has been developed with simplicity in mind instead of hogging as many tools as possible and therefore being cool (aka Backtrack).

But I am really missing these and I wonder which (if any) of these would be included in future releases (so I'll know if I need to re-roll BackBox myself or if it can stay in the main tree).
The tools I am missing are:

and a variety of scripts from the Malware Analysis Cookbook (see: http://code.google.com/p/malwarecookbook/source/browse/#svn%2Ftrunk%253Fstate%253Dclosed )

And well, I really miss IDA 6 for Linux on there. But I can live with the fact that you can't share it by default  :)
So I've loaded the install script for that on the same pendrive.
Currently I've loaded REMnux (by Zeltser) on a separate pendrive.
Would be nice if I could combine the two.


Thanks for BackBox though, I'll keep using it no matter what ;)
Whenever you think you can or can't, you're right.

ZEROF

Hi Stolas,

I agree with you and I think that we can add some of these tools. Cuckoobox is a tool with nice updates, and I will talk with Raf (main developer) to add this tool in the next release.

Thanks !

Don't ask, read: http://wiki.backbox.org
or just run sudo rm -rf /*

Stolas

Cool, looking forward to the first release that contains anti-malware tools.

dalzo


Stolas

Well, I stopped using BackBox after Backtrack got their act together. So I am a Kali user now; it has enough reverse engineering tools in the box, or I can easily create a custom CD.

b4d_bl0ck

Hi,
as said lots of times, BackBox offers a light and complete pentesting environment, but c'mon guys... that's a Linux distro, no one is limited to the stock tools. New software can be easily added; this cannot be the reason to change distro (IMHO).

So, including non-stock tools in the distro is easy. You can do two things:
1. create the live USB in persistent mode and install all tools you need;
2. add the tools modifying the downloaded ISO following this wiki: http://wiki.backbox.org/index.php/Customize_the_Live_DVD and then burn it on a non-persistent USB.

This way you will have the tools you need, you can customize boot-up services, autostart apps, conf files and so on...

OT: Stolas, can you explain better: "Well I stopped using BackBox after Backtrack got their act together."?

Thank you guys.
Have fun!
bool secure = check_paranoia() ? true : false;