Sunday, June 19, 2011

Incident Analyser 1.0

Incident Analyser is a tool for responding to a malware outbreak in an environment. It can help identify infected or suspected hosts in a large network.

The tool can perform the following tasks on a list of IPs on a network:

- Collect a list of hosts from a network, automatically or manually.
- Perform data collection from hosts for the following and dump it into the database:
  - Dumping the list of active connections of a node.
  - Fetching the list of network interfaces.
  - Dumping information on the running processes.
  - Fetching the start-up items list along with the actual file paths.
  - Many more...
- Perform analysis on the data collected.
- Generate a report.

Download: On Request