Dynamic Analysis Tool
Process Monitor (ProcMon): Monitors and logs real-time file system, registry, and process/thread activity. It's useful for observing what a program does while it runs.
Process Explorer: Offers a detailed view of running processes, including their handles, DLLs, and performance metrics. It's great for understanding what a process is doing and how it's interacting with the system.
Wireshark: A network protocol analyzer that captures and analyzes network traffic. It helps in understanding network communications and detecting suspicious activity.
Regshot: Takes snapshots of the Windows registry before and after running a program to detect changes made by the executable.