 |
| - A - |
| - B - |
| - C - |
| - D - |
| - E - |
| - F - |
| - G - |
| - H - |
| - I - |
| - J - |
| - K - |
| - L - |
| - M - |
| - N - |
| - O - |
| - P - |
| - Q - |
| - R - |
| - S - |
| - T - |
| - U - |
| - V - |
| - W - |
| - X - |
| - Y - |
| - Z - |
Honeymokey
Honeymokey
Honeymonkey was implemented in 2005 by Microsoft. It is a state-based application that detects exploits against clients by monitoring various processes and files. It is very unique in it’s layered approach to interact with servers to address vulnerabilities that may lead to day zero exploits. A honeymonkey starts by crawling the web in a vulnerable state. After an attack has been detected, the server is then re-examined with a full-patched configuration. If vulnerabilities still exists, it can be assumed that the exploit uses an attack for which no patches have been publicly released - signs of a very dangerous attack.
A monkey program is essentially a single instance of the honeymonkey implementation. It uses Internet Explorer to search a website and records all read and write options for the registry and fields. All exploits that are detected can be analyzed and safely managed by a malware detection application. From there, the monkey program restarts it’s virtual engine and crawls to another website in a fresh state.