So as I was doing some searching through the internet, I came upon a security news site that had an article about some great tools that can be useful to a security researcher or administrator. These tools could be used to further research for future attacks and to protect any network from attack. The first of these tools, and possibly the most important, is Wireshark. Wireshark is by far the ultimate network protocol analyzer and can be an amazing asset to you. Wireshark can show you all the information passing through your network and has data on over 100 different network protocols. Also, if you intend to create your own protocol, this would be a great way to test it.
Another tool that is also great for testing things is a sandbox environment. No one wants to crash their personal machine, but they do want to play with the copy of Stuxnet that they received. An invaluable tool for playing with these viruses, and perhaps ultimately learning ways to break them down and defend against them better, would be VMware. VMware is virtualization software for desktops, servers and other platforms. It runs a virtual machine within the program, which provides you with the sandbox environment that you require for your virus testing.
And the final tool that I’ll be covering is a debugger and decompiler. These two tools will allow you to look “under the hood” of programs to find out what is wrong with them, and in the case of a malware program, these could potentially allow you to break it down and find out what exactly it’s doing. One example given in the original article that I like had to do with a text-copying malware. This malware would intercept your messages and copy them to a dropbox so that the owner of the malware could obtain data from you. However, with these tools you can find out what this malware is doing and how it is doing it, and then get the code of it with the decompiler.
These tools can definitely be a great help to anyone interested in information security, and I’m gonna post the original article so that you all can read about the other tools that the author talked about.