FMA Intel-Secure™ 2014

Status
Not open for further replies.

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
Hello guys,

Most of you do know me as member here on the forum and know me from the advise and guides i have wrote.
Few of you actually know what i do professionally, besides my day to day job.
I have used my day job and the experience that comes from it to write my own program and to start my own company.
And such been working for the past 2 years to establish my own security company and i have been working on TMP's (Tailor Made Programs)
Recently Umbra Polaris has reviewed one of my projects in a quick review and it turned to be a working program that did its job well considering it was still in Alpha phase.
However in the past days lots of things changed and finally all the legal papers and legal mubo-jumbo has been completed and my own company is now officially a fact.
It was already operational for the past 2 years as a freelance based service, but atm it has become a independent organization. As it stands the web page is running on a free host and the domain will change very soon, when the final legal papers are done.
Then we will move the whole site to a dedicated host and set it up properly.
But for now its running and i am very proud and happy about it.

So that said may i officially present to you:

FMA%20Intel-Secure-logo.jpg

Digital Forensics & Intrusion Analysis

Who are we?
FMA Intel-Secure™ is a digital forensics & intrusion analysis, hands-on security consulting and training company. We work with you to understand the unique security challenges, goals, and requirements of your business. We then provide tailored, high quality, customer-focused, and cost-effective solutions to protect you against emerging security threats and the knowledge you need to manage your enterprise security risk pro actively. As a training company, we provide knowledge of real-world security issues through simulated and "how-to" exercises that enable you do your job successfully, saving you retraining costs and time.

FMA Intel-Secure™ is based in Harlingen (Netherlands) and is privately owned and managed by a core team made up of dedicated security experts, computer forensics examiners, consultants, researchers, and trainers with in-depth expertise. Our team has technical backgrounds and business experience gained from working in a variety of premier organizations and governmental institutions.

What services do we provide?
* Research & Analysis

FMA Intel-Secure™ Digital Forensics deals with development of methodologies to detect malicious data and solutions to link generated malicious data and traces to the source.

* Consulting & Training
FMA Intel-Secure™ offers the appropriate awareness and training methods in the form of e-learning, workshops, consultation, and dedicated partner program.

* Solutions & Innovation
FMA Intel-Secure™ develops solutions and innovations for a sustainable safe and controlled cyberspace. A cyberspace that is resilient and can survive disruptions, intrusions and criminal attacks.

Here is the link to the web page

As i mentioned before some of you are aware of the program i wrote, So what is this program about?

Forensic Malware Analysis (FMA) is specifically written to snap shot a clean system kinda like the snapshot features used in Symantec and Kaspersky but than utilizing native windows features at kernel level. Does it have ANY antivirus or protection capacity? No its pure a Analysis tool that can see files and data way beyond the scope of traditional tools. However it does pinpoint exactly which files have been changed, when they have been changed, how they have been changed and where they are located and what their dependencies are.
This gives a system administrator the ability to remove malware and malicious files without using invasive techniques commonly found in antivirus programs and generate a log that cannot be corrupted by malware or intrusions. These logs can be used by law enforcement and forensic specialists to determine the origin of the malicious code / data and has the ability to track back intrusions by using hidden windows features.
As the name suggests this is a specialist tool and aimed mostly at technical users in a corporate & governmental environment.

Right now the program is still in Alpha phase as we are working hard to add new features and to fine tune its abilities. We are also working on a easy to use GUI but this is going to take some time.
The program will be made available on a USB ROM stick to ensure 100% protection to the program itself in order to generate accurate reports:

FMA%20Intel-Secure%20(USB%20Install%20Disk).png


And in the very near future the ROM image on the USB stick will have a emergency rescue anti-root kit and anti malware capabilities provided by a external party.

I am happy to announce the following updates:

Added major features and modules:

1: Group Policy Checker & detection
2: Encryption Checker & detection
3: Driver (all even hidden ones) Checker & detection
4: Added module: Advanced System process viewer and logging (It already was good but its now magic)
5: Added module: Advanced Kernel transaction Checker & detection

Fixed issues:

1: GUI internal code cleanup
2: Script load balancing
3: Fixed CMD memory leak
4: Polished internal code

As you can see this is not just some wild idea, tis is as serious as it gets and i am absolutely ecstatic about the latest in-house testing results where FMA found ALL installed malware on our LIVE system, just by generating and comparing data.
For now the program only works on Windows 7 (SP1) and in the near future it will support Windows 8 /8.1

Kind Regards
Nico

You can find our finished product here

(PS: I request this topic to be added to the security list if approved by the staff)
 
Last edited:

KaptainBug

Level 12
Verified
Dec 26, 2013
562
WOT shows the website as unsatisfactory with reports of phishing. You may want to check with WOT to whitelist your website.
 
  • Like
Reactions: Koroke San

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
WOT shows the website as unsatisfactory with reports of phishing. You may want to check with WOT to whitelist your website.

I do not have to check my webpage as its 100% clean and trustworthy.
Considering i did build it from scratch.
The reason why WOT does see it as possible phising is:
A: Its on a free host + free domain (But as i said above this will change really fast when i move to dedicated server + domain)
B: Its so new even google search does not find it yet.
c: WOT always flags new webpages as its reputation based and new webpages do not have any reputation.

Check this link norton safe web says 100% clean.
 
Last edited:

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
UPDATE:

Hi guys
I am happy to announce that we are about to have a full version, right now the prgram is pretty much a full beta.

Changes:

1: Deep level system data and security audit capacity increased (Alot)
2: Advanced network and security audit options fine tuned
3: Advanced firewall audit and internet connection repair options added
4: New GUI (simple but GREAT)
5: CPU and Memory monitoring options added
6: Registery vs files vs dll vs process comparison added
7: Various tweaks for stability and speed
8: Own dedicated installation program with uninstall options
9: Fixed various memory leaks and data corruption issues
10: Fixed almost 45 coding and script errors and added various compatibility tweaks.
11: Added ability to see spyware, keyloggers and rootkits
12: Decreased cpu usage and decreased memory usage (Not for speed but for stability so that windows has more juice left for background tasks)

That where 3 long nights coding and testing.
I have personally ran more then 70 tests and so far i could not detect any bugs, however there are some cosmetic bugs and grammar errors but thats only a matter of time.

Here is a screenshot of the program enjoy

Also i want to give special thanks to @Dubseven for the little help i did get during coding as he was MAGIC in overcoming some of the coding difficulties. (Thanks)

I have requested Umbra Polaris to do a new test but this time far more intensive and rigorous so lets see if all the hard work did pay off.
So thats all for now.

Kind Regards Nico
 
D

Deleted member 178

after 5mn of observation,this new version is nice, all infos of my system are there; the next version is promising; good job mate.

i will continue the tests deeper.
 
  • Like
Reactions: Nico@FMA

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
after 5mn of observation,this new version is nice, all infos of my system are there; the next version is promising; good job mate.

i will continue the tests deeper.

Starting to get excited HYPER hyper jump JUMP
 

Nico@FMA

Level 27
Thread author
Verified
May 11, 2013
1,687
after 5mn of observation,this new version is nice, all infos of my system are there; the next version is promising; good job mate.

i will continue the tests deeper.

Hi m8

In sended you a PM about a critical error (Which i already have fixed) please make sure you download the new version and delete the old one.

++++++ Edit:
New installtion file has been send by pm to you Umbra Polaris.


@ All others
What is this critical error about?
Simple i spended 3 days with almost no sleep, so what did i do? During the creation of the installation file i added old script files instead of the new ones.
Does that make the program destroy your pc?
No it does not infact the old files are GREAT, however the new ones are better.

What did you fix?
I fixed the installer itself so now its fully featured with proper Menu and Programs folder and uninstaller (The previous one did work but was a limited version as i used a shareware program to test.) Now i got a full program so the whole setup and installation process is a breeze.

Additional fixes:
Changed Setup compiler and script (the setupfile is now properly made)
Added new icons.
Fixed shortcut not being shown.
Added licence for end user.
Fixed 13 cosmetic bugs.
Added capacity to detect rogue services.

Cheers

Another update:
Hosting will be changed within 72 hours so expect downtime of the webpage as the new domain: http://fma-is.nl is being setup.
The webpage itself will be migrated to the premium dedicated server.
So i personally expect the webpage to go offline for a few hours to change things around.

Changes changes you got to love them ^^
 
Last edited:
  • Like
Reactions: DaZa9
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top