Security Training Share
Vba2Graph A tool for security researchers, who waste their time analyzing malicious Office macros. Generates a VBA call graph, with potential malicious keywords highlighted. Allows for quick analysis of malicious macros, and easy understanding...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open source software solution for collecting, storing, distributing and sharing cybersecurity indicators and threat about...
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything...
tknk_scanner The original code of a malware must be scanned using YARA rules after processing with a debugger (or other means) to account for obfuscated malware binaries. This is a complicated process and requires...
PHP malware finder does it is very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. The following list of encoders/obfuscators/webshells are also detected: Best PHP Obfuscator...
Atomic Red Team is small, highly portable, community developed detection tests mapped to Mitre’s ATT&CK. ATT&CK was created by and is a trademark of The MITRE Corporation. Our Atomic Red Team tests are small, highly portable...
PA Toolkit (Pentester Academy Wireshark Toolkit) PA Toolkit is a collection of traffic analysis plugins to extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to the macro analyzer and threat...
Imaginary C2 Imaginary C2 is a python tool which aims to help in the behavioural (network) analysis of malware. Imaginary C2 hosts an HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally,...
malice Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company. Changelog v0.3.27 892d011 add docs on...
OSweep Description If you work in IT security, then you most likely use OSINT to help you understand what it is that your SIEM alerted you on and what everyone else in the world...
malscan ClamAV-based malware scanner for Linux web servers. malscan is a scanning platform for Linux servers that simplifies keeping your web servers secure and malware-free. It is built upon the ClamAV platform, providing all...
Noriben Malware Analysis Sandbox Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to...
EKFiddle v.0.8.3.3 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog Version 0.8.3.3 [2018-11-22] – Added Alexa Rank check (select Session(s), right click ->...
Fnord Fnord is a pattern extractor for obfuscated code Fnord has two main functions: Extract byte sequences and create some statistics Use these statistics, combined length, number of occurrences, similarity and keywords to create...
