Dynamic Analysis with Windows Sysinternals - TCPView
TCPView is a tool bundled inside the sysinternals suite that is used to view and monitor network traffic.
Related Topic
- AutoRuns
- Procmon
- Procexp
- TCPView
Quick Snap of the tool:
Category: Dynamic Analysis Tools
Procexp Sysinternals
Dynamic Analysis with Windows Sysinternals - Process Explorer
Procexp or Process Explorer is a tool bundled inside the sysinternals suite and a task manager a like but gives extra features. It can be used then to monitor processes and checks its properties.
Procmon Sysinternals
Dynamic Analysis with Windows Sysinternals - Procmon
Procmon is a tool bundled inside the sysinternals suite that logs and monitors processes and its tasks during runtime.
AutoRuns Sysinternals
Malware Dynamic Analysis with Windows Sysinternals - AutoRuns
AutoRuns is a tool bundled inside the sysinternals suite that is used to view and monitor auto-run processes in Windows.
A Quick Snap of the tool:
AutoRuns detects that some xws.exe is inside the SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry, which is a common type of persistence mechanisms for a malware. In this case, malware that adds itself to this registry key survives the reboot.
Sysinternals
Malware Dynamic Analysis with Windows Sysinternals
Windows Sysinternals a Windows tool suite developed by Mark Russinovich that is used to host, manage and troubleshoot Windows operating systems.
