Security Training Share
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything...
stoQ is an automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps team the ability to quickly transition from different...
python-oletools oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware...
Sandboxed Execution Environment Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments. The Sandboxes, provided via libvirt, are customizable allowing a high degree of flexibility. Different types of Hypervisors...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open-source software solution for collecting, storing, distributing and sharing cybersecurity indicators and threats about cybersecurity...
Mitaka Mitaka is an OSINT friendly IOC (Indicator of Compromise) search tool. It works as a Chrome extension and it makes possible to search / scan IOC via the context menu. Features Supported IOC...
MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In...
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek...
Noriben Malware Analysis Sandbox Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to...
yarAnalyzer creates statistics on a yara rule set and files in a sample directory. Place some signatures with .yar extension in the “signatures” folder and then run yarAnalyzer on a certain sample directory like:...
Linux news