Attack Monitor – Endpoint Detection And Malware Analysis Software
Attack Monitor is a Python application written to enhance the security monitoring capabilities of Windows 7/2008 (and all later versions) workstations/servers and to automate dynamic analysis of malware.
Current modes (mutually exclusive): Endpoint detection (ED); Malware analysis (on dedicated Virtual Machine).
Based on events from: Windows event logs; Sysmon; Watchdog (Filesystem monitoring Python library); TShark (only malware analysis […]