Tuesday 5 September 2017

debian - How can I see what changes malware made to a virtual machine?

I want to know if I can open a virtual machine (VMware, VirtualBox, ...) and, for example, install Windows 7 plus some programs (Chrome, Word, antivirus, ...), and then save the current state (I don't have any idea how). Then I would execute a piece of malware. After that, I want to know if it's possible to see the modified files and the new registry keys that it added to the VM (all the modifications) since the first saved state (just for malware analysis), and then I want to be able to return the VM to the first state. (In some tutorials on YouTube I saw them saving the new modifications in files like "Virus.VMEM".)


How can I do that on Linux (Debian)? I've already installed VMware, and I'm ready to install any other tool that could help me.


I know it's difficult but please help with any idea :)
