Ransomwiz lets you test your security with simulated ransomware

Discussion in 'other anti-malware software' started by guest, Sep 21, 2020.

  1. guest

    guest Guest

    Ransomwiz lets you test your security with simulated ransomware
    Nyotron says it’s easy enough for even the most junior security employee to operate
    September 21, 2020
  2. Rasheed187

    Rasheed187 Registered Member

    Jul 10, 2004
    The Netherlands
    Has anyone tried this? Would be cool to test HMPA and AppCheck against this stuff.
  3. JEAM

    JEAM Registered Member

    Feb 21, 2015
    Here's an item in their FAQ that tripped me up. Under the question, "My files are not being encrypted! Why?", the last item is:
    I suspect that this may be above many people's pay grade. it certainly is above mine.
  4. falsneg

    falsneg Registered Member

    Oct 14, 2020
    Hi there, I'm the author of ransomwiz.

    I'm sorry that the FAQ wasn't clear enough.
    I was referring to selections within the wizard itself in cases where the "Native-extended" delete ("FileDispositionInformationEx") or rename ("FileRenameInformationEx") functions are selected (under the "File Handling" stage) along with an old Windows version that doesn't support them (i.e., these functions were introduced in a later Windows release).
    I'll make sure to correct the FAQ (and the redundant "not") so it'll be less confusing.
    Thanks for your input!

    Also, you may have noticed that most of the wizard steps has reference to documentation where you can read more about the techniques / methods in use (look for the "[i]" links).

    Feel free to contact me via Twitter or email if you need further assistance with running the samples in your lab or if you have any feedback/questions. I'd be happy to help!
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.