Incident Repsonse Tool for malware protection

“Security is about systems failing gracefully” (B. Schneier). When it comes to malware protection, anti-virus products fail rather frequently. So how can we make a system fail gracefully when an a/v fails and we eventually get infected?

This question gave birth to Pholus. This program attempts to defend a computer system against ransomware and some types of banking trojans by monitoring the network connections and responding to “suspicious” communication attempts.

This software was built in Python, in order to be available for both x86, 64 bit Windows systems. In order to test and use this software please visit the following links. Standard disclaimers apply – use at your own risk!

You can download the Pholus setup file here.

For more information, please visit the Pholus.


Comments are closed.

Copyright © 2019 Information Security and Incident Response Research Unit. All Rights Reserved.
No computers were harmed in the 0.514 seconds it took to produce this page.

Designed/Developed by Lloyd Armbrust & hot, fresh, coffee.