Free new program Memoryze pinpoints malware code in live memory

Discussion in 'other anti-malware software' started by MrBrian, Nov 10, 2008.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Looks good but doesn't seem to support Vista?
     
  3. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    I read the features list, but I don't know enough to answer this question: Does Memoryze work in the same way as BoClean?
     
  4. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    No - Memoryze, from what I've read, is a forensics program.
     
  5. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,194
    Location:
    Virginia - Appalachian Mtns
    Appears to just report what is going on in memory.
     
  6. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    For me, it is illegible. Riddle: is it for developers?

    PS. For Mandiant Red Curtain (sehr gut, super) look to thread (in software & services): Your NEW BEST Free Softwares ... , #99.
    For excellent anti-rootkit: see KX-Ray ...
     
  7. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    That site looks exactly like the NictaTech AV site. Clones concern me.

    Dave
     
  8. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Don't know about that but Memoryze is a very nice tool produced by some top pros in this field. The company can be said to be similar to HBGary with various other services.

    (edit: don't forget their other tools, First Response, Red Curtain, Web Historian.)
     
    Last edited: Nov 12, 2008
  9. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Hey

    Is there a way to test this app? Just a little lost with something this new like this.

    Interested in seeing if it can serve some useful purpose or not in this army of defense I deploy.

    Thanks EASTER
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    It must be a gimmick
     
  11. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    It's not a gimmick if Jamie Butler is involved. I'll give it a spin tomorrow on my remaining XP partition and see what it does. It's a forensic tool that analyzes memory dumps; it's not a resident security app.

    Nick
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    Thanks

    Pls offer some kind of activity that a user can either find reported or action performed even if it's a summary because it does absolutely nothing that I can find at all in its current makeup.

    EASTER
     
  13. nick s

    nick s Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    1,430
    Its usage is via the command line and the output is logged to .xml files. It's not point-and-click. The sample instructions are straightforward: Memoryze - Use Cases and Examples.

    Nick
     
  14. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Hi EASTER, no, it most certainly is not. I've used it often, as with their First Response, which is a very nice reporting tool for networked or local machine. As per nick s's link above for instructions - default save to is Mandiant>Audits.
     
    Last edited: Nov 15, 2008
  15. Jamie Butler

    Jamie Butler Registered Member

    Joined:
    Nov 25, 2008
    Posts:
    1
    Thanks Nick for the kind words. We recognize that Memoryze's output is not very user friendly, so one of my colleagues has coded an open source Python GUI for you to use. You can read about it on our new blog site: http://blog.mandiant.com/archives/50

    I hope you find this and Memoryze useful.

    Sincerely,
    Jamie Butler
     
  16. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Jamie, thanks for posting the link.

    From the Audit viewer user guide pdf,
     