CrowdInspect Malware Forensic Program

Forensic tools are important for analyzing the DLLs and processes running on an operating system, and some free programs, such as CrowdInspect, are worth considering. CrowdInspect is a free tool for Microsoft Windows systems that helps detect suspicious connections made to external networks. It lists the running processes for the investigator and, more interestingly, verifies the process connections against Team Cymru's Malware Hash Registry, VirusTotal and Web of Trust (WOT).

[Figure: CrowdInspect interface]

The VirusTotal integration lets you analyze an executable directly with more than 40 antivirus engines, which gives a better result when looking for rootkits or hidden malware on the system. You can also list all TCP or UDP connections, kill a process directly from the tool, or close any connection you consider suspicious.
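To show the kind of correlation described above (connections to external networks mapped back to the owning process), here is an added example that is not part of CrowdInspect or of the original post. It parses a constructed `netstat -ano` sample and a constructed PID-to-image map; the function names, sample values and the list of internal ranges are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of `netstat -ano` output; 203.0.113.45 is a documentation
# address standing in for an Internet host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    192.168.1.20:49712     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49733     203.0.113.45:443       ESTABLISHED     2596
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     1200
  UDP    0.0.0.0:5353           *:*                                    1432
"""
# Constructed PID -> image path map (on a live host: `tasklist` or WMI output).
SAMPLE_PROCESSES = {
    4: "System",
    888: r"C:\Windows\System32\svchost.exe",
    1200: r"C:\Program Files\Demo\agent.exe",
    1432: r"C:\Windows\System32\svchost.exe",
    2596: r"C:\Users\demo\AppData\Local\Temp\updater.exe",
}
# Ranges treated as internal: unspecified, RFC 1918, loopback, link-local, ULA.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::/128", "::1/128", "fe80::/10", "fc00::/7")]

def is_external(endpoint):
    """True if 'addr:port' or '[v6]:port' points outside the internal ranges."""
    addr = endpoint.rpartition(":")[0].strip("[]").split("%")[0]
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # '*' on unconnected UDP sockets
        return False
    return not any(ip in net for net in INTERNAL)

def external_connections(netstat_text, processes):
    """Return (pid, image, proto, remote, state) for each external connection."""
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue                      # skip headers and blank lines
        state = f[3] if f[0] == "TCP" else ""   # UDP rows have no state column
        pid = int(f[-1])
        if is_external(f[2]):
            hits.append((pid, processes.get(pid, "<unknown>"), f[0], f[2], state))
    return hits

if __name__ == "__main__":
    for hit in external_connections(SAMPLE_NETSTAT, SAMPLE_PROCESSES):
        print(hit)
```

The image paths returned for external connections are the files an investigator would then hash and check against a reputation service.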

There is no need to install anything: just run the tool and it is ready for your forensic analysis.

You can download the release from the following link: http://www.crowdstrike.com/community-tools/
