Security Training Share
Cuckoo Sandbox is the leading open source automated malware analysis system. What does that mean? It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will...
histstat This is a cross-platform command line tool for obtaining live, rudimentary network connection data on a computer system. This tool was designed for network and security analysts to easily view connections on a...
pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract the properties of a file to help during the triage process. The tool also...
Un{i}packer Unpacking PE files using Unicorn Engine The usage of runtime packers by malware authors is very common, as it is a technique that helps to hinder analysis. Furthermore, packers are a challenge for...
Icewater Yara rules This project provides open-source YARA rules for the detection of malware and malicious files. The anti-virus industry prefers names for a threat. This is my attempt to publish signatures as numbers. Since...
PasteHunter is a python3 application that is designed to query a collection of sites that host publicly posted data. For all the pasts it finds it scans the raw contents against a series of...
PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps a variety of implants within the...
Simplify Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open source software solution for collecting, storing, distributing and sharing cybersecurity indicators and threat about...
ViperMonkey is a VBA Emulation engine written in Python, designed to analyze and deobfuscate malicious VBA Macros contained in Microsoft Office files (Word, Excel, PowerPoint, Publisher, etc). See my article “Using VBA Emulation to...
EKFiddle v0.9.2.1 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog Version 0.9.2.1 [2019-06-10] – Added Abuse Report (previously Traffic Summary) (Context menu ->...
Sojobo – A binary analysis framework Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don’t need to...
stoQ is an automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and DevSecOps team the ability to quickly transition from different...
pcodedmp.py – A VBA p-code disassembler It is not widely known, but macros are written in VBA (Visual Basic for Applications; the macro programming language used in Microsoft Office) exist in three different executable...
Suggested Reading TRENDING Linux news