This project had given me the opportunity to work with a lot of tools that I haven’t had to work with previously.
This is especially the case regarding VMWare. Before this project, the only real interaction I had with VMs was Kali Linux utilizing TigerVNC in order to create a Linux environment. However, the Kali Linux environment works right out of the box, and most assignments related to it are purely for Linux features. This project requires a bit more input regarding the creation of the virtual machine, as well as how network connections are handled within the VM. The most interesting feature is the snapshot tool, as that will allow me to undo any changes that occur as a result of the malware.
Other than that, the only other thing we’ll really be using are in-OS tools for malware analysis. While some, like Wireshark, are recognizable as things I’ve used previously, there are some tools that I’ve never used such as Regshot. The other tools we’ll be using is IDA Pro–which can be used to disassemble an executable file for its source code–and Strings, which we’ll use to find any patterns within the malware code. Finally, we have ProcMon, which we will use to monitor processes.
Since I have so few interactions with so many of these tools, it’s difficult to say which one I’m having the most difficult time learning, since I’m learning all of them right now.
Speaking of difficulty, I’ll include Google Docs as one of the technologies we’ll have to use. If we were to rank each technology based on learning curve, Google Docs would be at the bottom of that list due to its ease of use. Other than that, we’re using Discord for communication and Trello for project management, which are also relatively easy to use.
Overall, I think our project is in a good place, but depending on how the project develops, we may add or remove technologies when appropriate.
Leave a Reply