Description:
MalTrap is a research utility that monitors malware behavior by intercepting API calls on Windows and logging the results. Though still in its Alpha release and sparse on features, it's a very interesting and useful tool. The video below contains a demo of MalTrap run on VNC and Winamp. I demonstrate how network activity can be detected using the logging info created by MalTrap.
I have a couple of requests for the Maltrap team:
1. Make your software open source so others can contribute
2. Allow users to select which API calls they want to monitor and have logged
3. Allow a search feature on the logging dump (the workaround right now is to use Notepad)
4. Allow Matrix-style freezing of the API calls, and allow users to tamper with the inputs to the call or the output from the call
Anyways, it's a great tool and I would highly recommend you all try it.
You can download it here.
Tags: tools
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Comments:
How can I install it using the command line?