Capture-Py

Capture-Py is a malware analysis tool that makes a copy of any files deleted or modified in a given directory and its sub-directories. It was intended to be a substitute for Capture-Bat on 64-bit systems.

The original utility, Capture-Bat, implemented network packet capture, registry monitoring, and tracking of which process created which file. Capture-Py doesn't yet. If you need that extra functionality, consider running some of these tools along with Capture-Py:

Sysmon (https://technet.microsoft.com/en-us/sysinternals/sysmon)
Process Monitor (https://technet.microsoft.com/en-au/processmonitor)
Wireshark (https://www.wireshark.org)