Friday, May 01, 2009

GMER Rootkit detection tool

I ran across this cool little free tool for Windows-based rootkit detection today. There are actually two tools on the site, catchme.exe and gmer.exe. Catchme.exe seems to be a command-line tool for rootkit detection, and gmer.exe (whose name changes on each download to thwart malware from detecting it on the way down) is a GUI app. As I’ve never had a rootkit infection I can’t comment on how well they work, but they look like pretty good tools and they are recommended in the book on OSSEC, so they can’t be all that bad. :)

