PE Capture v1.0 + portable | 4.1 Mb
PE Capture is a handy Windows application used mainly to capture PE files, such as executables, DLLs and drivers, as they are loaded in the system. It saves a copy of each loaded PE file (renamed as its file hash) in the "Intercepted" folder for further analysis, and it logs the execution events so that a previously captured PE file is easy to find. It is a Swiss Army knife for speeding up malware analysis by capturing the PE files executed in the test environment.
Useful for capturing new executables, DLLs and kernel-mode drivers of rootkits and stealth malware. The program is fully portable; we offer the installer mainly for beginner users. The kernel driver is automatically copied to the C:\WINDOWS\System32\drivers\ folder when the application is executed, and it is automatically deleted when the application is closed. Recommended for malware analysts and security professionals.
Key features and characteristics:
Simplify Malware Analysis Process
Effectively Capture Non-system Processes, DLLs, Drivers
Log All Execution Events to a Log File
Save Captured PE Files Renamed as Their MD5 File Hash
Support all Microsoft Windows operating systems
Very lightweight in memory and CPU usage
What's New:
Updates: official site does not provide any info about changes in this version