Is fakenet really worth it?

Discussion in 'Malware Analysis' started by ServerSideIssues, Sep 13, 2017.

  1. ServerSideIssues

    ServerSideIssues New Member

    Sep 12, 2017
    2
    2
    127.0.0.1
    Windows 10
    Avast
    #1 ServerSideIssues, Sep 13, 2017
    Last edited: Sep 13, 2017
    Hello everyone,

    I have been analyzing malware for quite some time now, but have always used Wireshark to observe the C2 domains between two VM hosts. However, a while back a co-worker of mine mentioned Fakenet-ng. Has anyone played with this tool? Is it worth it?

    Thank you for your time. :)
     
  2. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    I've heard of FakeNet-NG from a friend of mine, although I have not used it myself before; it is open-source and can be freely downloaded, therefore it wouldn't hurt for you to try it out and see if you are comfortable using it.

    You can find out more information regarding the tool at the following links:
    FakeNet - aldeid (this is the original - not the NG copy)
    GitHub - fireeye/flare-fakenet-ng: FakeNet-NG - Next Generation Dynamic Network Analysis Tool (this is the one you are referring to and is however based* on the original)

    If it works well then it could be a really promising and useful tool to aid in malware analysis. If you do decide to try it out, please do let us know what your thoughts are on it!

    Just a heads up, there's a forum category specifically for Malware Analysis and you can find it here: Malware Analysis - topics like this are better suited over in that area, and it keeps topics on the subject all grouped together to be easily found for future reference. :)
     
  3. ServerSideIssues

    ServerSideIssues New Member

    UPDATE: Fakenet is awesome and I would highly recommend it. Also, ApateDNS is really good as well. Since this post I have tried both. This will definitely aid any malware analyst when performing dynamic analysis. ApateDNS can be found here -> ApateDNS | FireEye
     