Free new program Memoryze pinpoints malware code in live memory

Discussion in 'other anti-malware software' started by MrBrian, Nov 10, 2008.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Looks good but doesn't seem to support Vista?
     
  3. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    I read the features list, but I don't know enough to answer this question: Does Memoryze work in the same way as BoClean?
     
  4. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    No - Memoryze, from what I've read, is a forensics program.
     
  5. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,204
    Location:
    Virginia - Appalachian Mtns
    Appears to just report what is going on in memory.
     
  6. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    For me - it is illegible. Riddle: is it for developers?

    PS. For Mandiant Red Curtain (sehr gut, super) look to thread (in software & services): Your NEW BEST Free Softwares ..., #99.
    For excellent anti-rootkit: see KX-Ray ...
     
  7. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    That site looks exactly like the NictaTech AV site. Clones concern me.

    Dave
     
  8. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Don't know about that but Memoryze is a very nice tool produced by some top pros in this field. The company can be said to be similar to HBGary with various other services.

    (edit : don't forget their other tools, first response, red curtain, web historian.)
     
    Last edited: Nov 12, 2008
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Hey

    Is there a way to test this app? Just a little lost with something new like this.

    Interested in seeing if it can serve some useful purpose or not in this army of defense I deploy.

    Thanks EASTER
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    It must be a gimmick
     
  11. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    It's not a gimmick if Jamie Butler is involved. I'll give it a spin tomorrow on my remaining XP partition and see what it does. It's a forensic tool that analyzes memory dumps; it's not a resident security app.

    Nick
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Thanks

    Pls offer some kind of activity that a user can either find reported or action performed, even if it's a summary, because it does absolutely nothing that I can find at all in its current makeup.

    EASTER
     
  13. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Its usage is via the command line and the output is logged to .xml files. It's not point-and-click. The sample instructions are straightforward: Memoryze - Use Cases and Examples.

    Nick
     
  14. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi EASTER, no it most certainly is not. I've used it often, as with their First Response, which is a very nice reporting tool for networked or local machines. As per nick s's link above for instructions - the default save location is Mandiant>Audits.
     
    Last edited: Nov 15, 2008
  15. Jamie Butler

    Jamie Butler Registered Member

    Joined:
    Nov 25, 2008
    Posts:
    1
    Thanks Nick for the kind words. We recognize that Memoryze's output is not very user friendly, so one of my colleagues has coded an open source Python GUI for you to use. You can read about it on our new blog site: http://blog.mandiant.com/archives/50

    I hope you find this and Memoryze useful.

    Sincerely,
    Jamie Butler
     
  16. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Jamie, thanks for posting the link.

    From the Audit viewer user guide pdf,
     