From Collaborative RCE Tool Library


System Diff Tools


Tool name: All-Seeing Eye
Rating: 5.0 (1 vote)
Author: Fortego Security                        
Website: http://www.fortego.com/en/ase.html
Current version: 0.7.1
Last updated: 2007
Direct D/L link: http://www.fortego.com/resources/ase071.zip
License type: Free
Description: Tool for automated diff-style checking of many sensitive system areas that malware and other programs often try to modify silently. Like Tripwire on speed.
Also listed in: File System Diff Tools, Install Monitoring Tools, Registry Monitoring Tools



Tool name: Attack Surface Analyzer
Rating: 0.0 (0 votes)
Author: Microsoft Corporation                        
Website: http://go.microsoft.com/?linkid=9758398
Current version: Beta
Last updated: January 18, 2011
Direct D/L link: http://go.microsoft.com/?linkid=9758398
License type: Freeware
Description: Attack Surface Analyzer is the same tool used by Microsoft's internal product teams to catalogue changes made to the operating system by the installation of new software.

Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface.

This allows:
- Developers to view changes in the attack surface resulting from the introduction of their code onto the Windows platform
- IT Professionals to assess the aggregate Attack Surface change by the installation of an organization's line of business applications
- IT Security Auditors to evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
- IT Security Incident Responders to gain a better understanding of the state of a system's security during investigations (if a baseline scan was taken of the system during the deployment phase)
Also listed in: File System Diff Tools, Install Monitoring Tools, Registry Diff Tools



Tool name: MALM: Malware Monitor
Rating: 0.0 (0 votes)
Author: Geoff McDonald                        
Website: http://www.split-code.com/
Current version: v1.2
Last updated: December 16, 2012
Direct D/L link: http://www.split-code.com/files/malm-v1_2.zip
License type: Freeware
Description: MALM is a 32- and 64-bit Windows OS command-prompt tool for monitoring malware. It monitors:
- New processes
- New modules in existing processes
- New executable heaps in existing processes.

As it notices changes, MALM will output observations to the console. When MALM is terminated by CTRL-C, it will generate a final report of its findings.

This tool is particularly useful for monitoring where the malware resides after execution, since malware often injects itself into other processes.
Also listed in: Malware Analysis Tools, Memory Data Tracing Tools, Monitoring Tools, Process Monitoring Tools



Tool name: Total Uninstall
Rating: 0.0 (0 votes)
Author: Gavrila Martau                        
Website: http://www.martau.com
Current version: 5.4.2
Last updated: June 15, 2009
Direct D/L link: N/A
License type: Shareware
Description: Total Uninstall is a complete uninstaller which includes two working modes.

The Installed Programs module analyzes existing installations and creates a log with installation changes. It can uninstall programs even without the help of the supplied Add Remove program.
Just select from the list the program that you want to uninstall and in a few seconds Total Uninstall will analyze it and will show in a tree view the detected files, folders, registry keys and values of that program. You can review the details and remove some of the detected items. Total Uninstall is then ready to uninstall the analyzed program. It will first use the supplied Add Remove program and will then continue removing remaining items using the log.

The Monitored Programs module helps to monitor any changes made to your system during the installation of a new program. It allows you to perform a complete uninstall without having to rely on the supplied Add Remove program, which can leave files or changes behind.
Total Uninstall creates a snapshot of your system prior to installing a new program. It then takes an additional snapshot after the installation has completed. It then compares the two snapshots and displays all changes in a graphical tree view, marking all registry values and/or files that have been added, changed or deleted. Total Uninstall saves these changes and, if you decide to uninstall the program, it will reverse the changes to the previous state.
Features

* Accurately analyze existing installations and create a log with installation changes.
* Monitor changes from registry and file system for new installations.
* Uninstall completely and thoroughly analyzed or monitored programs.
* List installed or monitored programs without delay and with appropriate icons.
* Organize installed or monitored programs in groups.
* Find the program to uninstall by keyword quickly and easily.
* Summary and detailed information for each installed or monitored program.
* User configurable views of the detected changes.
* It shows a detailed uninstall log.
* Powerful search in detected changes.
* Standalone and low resource usage agent for notification of running installation programs
* Export registry changes for install or uninstall
* Export installed or monitored programs list to file
* Export to file or print detected changes
* View and apply pending file rename operations without restart.
Also listed in: File System Diff Tools, Registry Diff Tools



Tool name: Winalysis
Rating: 0.0 (0 votes)
Author:                         
Website: http://www.winalysis.com
Current version: 3.1
Last updated: January 13, 2006
Direct D/L link: Locally archived copy
License type: Shareware
Description: Winalysis is a software application that can help you manage change on computers running Windows. The program can:

Make compressed Snapshots of local and remote computer configurations. Test for changes from snapshots at any time.

Monitor for changes to files, the registry, users, groups, security policies, services, shares, scheduled jobs, the system environment and more.

Monitor remote computers from a central location. There is no need to install Winalysis on the remote machines.

Restore files and/or the registry from compressed snapshots with the ability to undo a restore at any time.
Also listed in: Install Monitoring Tools

