
How to Compare Multiple Memory Snapshots

In this screenshot, the example snapshot ‘Before Installing Antivirus’ is selected. The view is Memory View → Summary of System Activity → Open Files, which shows the Open Files for just the current snapshot. To compare this list to a list from another snapshot, check the box for the snapshots that are to be compared in the…


Review all Open Files Accessed by Processes in Memory

‘Process’ is the process that is using a selected entry, ‘File Name’ is the file or folder being used, and ‘Access Rights’ is what permissions the process has. One thing to note is that the starting directory is assumed to be the main drive on the computer, typically ‘Local Disk (C:)’. From the example snapshot, the process svchost.exe in the…


How to Capture/Analyze Network Activities from Memory

Any network connection can then be examined. For example, take a closer look at the Firefox connection in the example snapshot that has a ‘Destination’ of 74.125.93.105:80. This means that the process is accessing the IP address 74.125.93.105 on port 80 over TCP. In addition to viewing a summary of the network activity, network activity specific to an…


Review and capture Import and Export Address Tables from Memory

What is a DLL: A DLL (Dynamic-Link Library) can be thought of as a library of code and data that can be used by many programs at once. Essentially, it contains functions that can be called by portable executables. Utilizing a DLL has many advantages. It saves the programmer time from having to write code to perform basic interactions with…


WindowsSCOPE Blog Introduced

WindowsSCOPE is a tool to learn and analyze the internals of the Windows operating system and everything it runs. Use it to learn to master operating systems, the Windows kernel, virtual memory management, x86 memory management, device drivers and applications. Use it to access the kernel, disassemble and graph any code in the kernel or user space. Also, use it…


Phantom Probe Agent Launched for WindowsSCOPE

BlueRiSC’s WindowsSCOPE Cyber Analysis Tool Suite Enhanced with Phantom Probe Agent. Amherst, MA, April 4, 2011 – BlueRiSC enhances its WindowsSCOPE™ reverse-engineering, cyber analysis and defense, and memory forensics tool suite by adding the ability to analyze any computer on a network or Cloud transparently through its industry-unique Phantom Probe Agent™ technology.


Official WindowsSCOPE Launch

BlueRiSC officially releases WindowsSCOPE Pro 1.0. Amherst, MA, March 16, 2011 – BlueRiSC Inc. announces the official launch of WindowsSCOPE, a sophisticated and must-have tool to fully understand and analyze Windows machines: your “Window into Windows.” Various versions of the tool target students and hobbyists, developers, system administrators, law enforcement, and incident responders. Download your 30-day free trial today!
