Serious Discussion Thor APT Scanner

Has anyone used Thor APT Scanner? We are looking for some more threat hunting tools. Comodo Unknown File Hunter is another one.
They are essentially very different… Thor is based on a huge amount of YARA signatures. I’ve used it and the results were positive. Comodo seems to be easier to use from what I see and will produce quicker results.
 
I've been using UnHackMe for years. It's really robust and I've found custom backdoors and loads of APTs with it. I've infected loads of systems with multiple infections and manually cleaned them with UnHackMe. Norton Power Eraser and all second option scanners say clean after.

My point is... If there are other tools, should I even bother changing my setup?

Tools Used:
UnHackMe Roaming (Has VT API)
XCITIUM Threat Hunter Assessment Toolkit
Thor Lite (Rarely)
 
Good to know. So a solid malware analyst and the right tools ⚒️. Thanks bud
I splurged and got Thor APT Scanner!

Verdict...
It's amazing for seeing what's on a system and what may have happened ;)

Overall I would never rely only on this BMW-priced USB alone (Thor APT Scanner on USB) but I would combine all the tools I have for a full spectrum analysis.

Tools are great. I feel that great tools bring out the best in one's knowledge and passion for any given profession.
 