What I would not like you to consider and why not is explained here.
Someone (Bart Blaze) was into this... he states:
Before we begin, I’d like to make clear that if you want to test your skills after reading this article or want to test malware in general, you should set up a proper testing environment. Make sure you are using a Virtual Machine if testing on your own machine, or create a machine for the sole use of testing malware and antimalware tools. In either case, it’s a good idea to use a separate network or use a DMZ should you have one. Personally I recommend having the machine connected to the internet, so the malware can do its evil work to its maximum potential and you will be able to carefully study and dissect its workings completely.
Then he continued:
do not use shared folders between VM & host
do use a separate network
do use a physical device and not a VM
have antivirus solution installed on your physical device, when using a VM
etc. etc.
Read all the particulars of his article, as you translate this link into English:
https://www.security.nl/posting/41479/Security+Tip+van+de+Week%3A+onderzoek+malware+in+je+eigen+lab
Now while this set-up is meant for security research on a corporate network and not for the unaware home/hobby user,
it is still rather problematic. Leave this exploration to the professionals.
Doing this at home is unwise as it could turn your device into a virtual malware-ridden doorstopper
or at least make you have serious problems from your Internet provider.
-
When this happens over the weekend you are in big trouble and out on your own.
Furthermore some malcode is known to break out of a VM or sandbox
and could seriously hamper/tamper with your network surroundings.
Always use a separate lab setting off of the Interwebs and in perfect isolation.
Now all users here may understand why polonus went for third party cold reconnaissance.
Let third party scanners do the work for you, do pre-scanning as well and never visit a suspicious or malicious website itself.
Later I give you my experience with Malzilla but that is another story.
I like to use third party scanners, html validators, javascript unpackers, js beautifiers, php scanners,
looking where code may have access, whether there is inline code,
I look for security related information from SEO scanning sites, DNS scanning, SSL scanning, etc. etc.
Looking for cloaking, suspicious iFrames, differences between the Google and Googlebot response code.
Whenever I stumble on code errors I read on stackoverflow and also check for the security implications.
Direct malcode access is an unwise idea for anyone without the proper tools and surroundings.
Just a single confrontation with a file infector or malcode that does not obey the VM surroundings
and starts to eat itself through your sandbox, and you are food for the birds.
And where your provider is concerned:
"Do not do the crime, if you cannot pay the time or even worse".
Have a great first of May, ye all...
polonus
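The "cold reconnaissance" checks polonus lists above (cloaking, suspicious iFrames, browser vs. Googlebot response differences) can be scripted without ever rendering or executing the page. The block below is an added example, not code from polonus, Bart Blaze or any scanner mentioned in the post. It assumes you already have the raw HTML and status code of the same URL as served to a normal browser and to Googlebot (obtained, per the post's advice, through a third-party fetch or scanner service rather than by visiting the site yourself); the two responses here are constructed sample data, including the hostnames, and only parsed as text.

```python
"""Cold reconnaissance of a suspect page: compare the response a browser
gets with the one Googlebot gets, and flag iframes the user cannot see.
Nothing here executes page content; the HTML is only parsed as text."""
import re
from html.parser import HTMLParser

# Constructed sample responses (status code, HTML) for one URL fetched with
# two different User-Agents. Hostnames are made up for the example.
BROWSER_RESPONSE = (200, """<html><body>
<h1>Welcome</h1>
<script src="/js/site.js"></script>
<iframe src="http://bad.example/gate.php" width="0" height="0"
        style="position:absolute; left:-9999px"></iframe>
<p>Normal content</p>
</body></html>""")

GOOGLEBOT_RESPONSE = (200, """<html><body>
<h1>Welcome</h1>
<script src="/js/site.js"></script>
<p>Normal content</p>
</body></html>""")

# A benign page with a normal, visible embed, for comparison.
CLEAN_RESPONSE = (200, """<html><body><h1>Welcome</h1>
<iframe src="https://video.example/embed/1" width="560" height="315"></iframe>
</body></html>""")


class _FrameCollector(HTMLParser):
    """Collects <iframe> tags and external <script src> URLs, nothing more."""

    def __init__(self):
        super().__init__()
        self.iframes = []   # list of attribute dicts, one per <iframe>
        self.scripts = []   # external script URLs

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "iframe":
            self.iframes.append(a)
        elif tag == "script" and a.get("src"):
            self.scripts.append(a["src"])


def collect(html):
    """Parse HTML text and return the collector with iframes/scripts filled."""
    p = _FrameCollector()
    p.feed(html)
    return p


_ZERO_SIZE = re.compile(r"^\s*[01](px)?\s*$", re.I)


def is_hidden_iframe(attrs):
    """Heuristic: an iframe sized 0/1 px, display:none, visibility:hidden or
    positioned off-screen is the classic drive-by injection pattern."""
    style = attrs.get("style", "").replace(" ", "").lower()
    if "display:none" in style or "visibility:hidden" in style:
        return True
    if _ZERO_SIZE.match(attrs.get("width", "x")) or _ZERO_SIZE.match(attrs.get("height", "x")):
        return True
    # negative left/top offset pushes the frame out of the viewport
    return re.search(r"(?:left|top):-\d+px", style) is not None


def compare_responses(browser, googlebot):
    """browser and googlebot are (status_code, html) pairs for the same URL.
    Returns a list of human-readable findings; empty means nothing suspicious."""
    findings = []
    if browser[0] != googlebot[0]:
        findings.append(f"status differs: browser={browser[0]} googlebot={googlebot[0]}")
    b, g = collect(browser[1]), collect(googlebot[1])
    b_src = {f.get("src", "") for f in b.iframes} | set(b.scripts)
    g_src = {f.get("src", "") for f in g.iframes} | set(g.scripts)
    if b_src != g_src:
        # Content served to humans but withheld from the crawler is cloaking.
        findings.append("cloaking: embedded resources differ: "
                        f"browser-only={sorted(b_src - g_src)} bot-only={sorted(g_src - b_src)}")
    for f in b.iframes:
        if is_hidden_iframe(f):
            findings.append(f"hidden iframe -> {f.get('src', '?')}")
    return findings


if __name__ == "__main__":
    for line in compare_responses(BROWSER_RESPONSE, GOOGLEBOT_RESPONSE):
        print(line)
```

The resource-set comparison is what catches cloaking: a page that injects its iframe only for real browsers and serves a clean copy to Googlebot shows up as a "browser-only" entry even when both responses are 200. The hidden-iframe heuristic is deliberately simple; treat a hit as a reason to hand the URL to a third-party scanner, not as proof by itself.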