If any of the question fits you then this post is for you. But if i speak by heart these tools are must for every noraml users and hackers too to investigate their systems from boot to close. Today i am making you a real ethical hacker as today i will teach you how to investigate your system. And how to get rid of noobish antiviruses that do simply nothing on your PC just consumes resources of your system.
List of top 5 hack tools for hackers to Inverstigate or Forensic Computer system or PC:
1. Live View
2. Start up List
3. Open Files View
5. Helix 3
Working of above tools stepwise:
1. Live View
Live View is an open source utility that creates a virtual machine of the existing system. Live View creates a virtual disk out of the system that allows you to then safely investigate a copy of the system without interfering with anything installed. So you can easily investigate your system virtually without affecting the original system.
Now restart you PC for further investigations and tools to use.
You can download Live View for free here (Click here to download).
2. Start up List
Now you have a virtual copy of your system and now why you are waiting let’s start investigating PC. So download the Start Up List (click here to download startup list).This is a great way to start the investigation of a system and determine what things might have potentially been put on the system to restart each time the system does. It will provide you the list of all programs that system use during the boot time. Great way to find the keyloggers and other remote montitoring tools as they are always added to start up.
Now why i am saying this tool as you can directly do it using MSCONFIG command. Answer is as simple as question, msconfig only displays the list of programs that are attached to start up using registry keys. Normally what happens the viruses attach themself to some of the existing windows service so it will become difficult to identify its instances. Start up list displays all the back ground programs too.
3. Open Files View
The next step in investigating your computer is to find or determine which other files, other than usual are open. In Linux we can directly do this using the ISOF command in the terminal but there is no similar command in windows. Ahhah now what will you do to investigate this.. Don’t worry OpenFilesView is there(click here to download openfileview). Openfilesview is a Windows executable that lists all the files and processes that are active currently – both local and network based – on the system. So you can easily identify which unusual file is opened or which unusual process is running. Now how it helps, all keyloggers or remote administration tools always maintains a temporary file on which they write their logs or other details. Muahhhhhh… Now nothing is hidden from you. You can see each and everything and find out easily that which noob virus or keylogger is running on your system.
Mine favorite tool out of 5 tools. Now you have researched your system using above there tools, it time to investigate your network traffic. Several times it happens, when you install some software you doubt that it is sending your personal data or information to someone else. Wireshark is a tool that monitors your network packets and analyse them where its sending data. Now how its helpful for you, Most trojans and keyloggers sends logs using network and upload them to FTP or send them to some email address. Using wireshark you can monitor what they are sending and even the username and password of FTP and email accounts on which it is sending. This is the most promising factor that makes to love wireshark more. So why waiting download the wireshark for free: (Click here to download Wireshark).
5. Helix 3
Now you all will be thinks we have done everything, investigating is done…:D but i am Destructive Mind. So few more things are striking my mind. What more i can investigate in the PC. Any guesses…
Damn.. i forgot i was teaching you..
Now how will you determine what the noob viruses has changed in your system, which files they have edited or attached their signatures to which of the programs and most important what they have edited or added. This you can do with the help of Helix 3. Helix 3, a newly updated version of the live Linux forensics tool, can be used to examine the disk safely to see what has been finally changed. So guys now how classy you think you have become. But sorry to inform you that its the first part of hacker’s life and i guranttee 99.99% guys doesn’t know these tools. Ahhh… If they know about these tools then they surely doesn’t know how to use them and more important if they know that also they probably never used them as they are LAZY enough and leave everything on noob antiviruses.
(Click here to download helix3) Its a 30 day trial version guys, as licensed version is for one system only and i can’t share mine :D. But i can tell you some awesome tricks to use it as much as you want. For downloading evalation version again and again just register with new email ID and remove the previous version using WinXP manager which removes registry keys also.
One more suggestion about these noob antiviruses, they detect only those viruses and trojans that are in their database, if a new virus has come then you have to wait till next database upgrade for getting it detected.
I hope you liked this article…No you must like this article if you are hacker or want to become hacker and this post deserve a thanks. If you really liked it or found it beneficial then please comment. You can also post your lovely comment if you have any doubts. In my further articles i will explain these tools in detail that how to use these tools effectively. And one more thing, its only the investigation, in future articles i will teach you how to fix these and delete virus signatures from files without even an antivirus.