Security Training Share
Sigma Generic Signature Format for SIEM Systems What is Sigma? Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is...
What is phpMussel? An ideal solution for shared hosting environments, where it’s often not possible to utilize or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses, malware and...
APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android. For more information on what this tool can be used for, check...
commando-vm CommandoVM – a fully customized, Windows-based security distribution for penetration testing and red teaming. Installed Tools Active Directory Tools Remote Server Administration Tools (RSAT) SQL Server Command Line Utilities Sysinternals Command & Control...
Androwarn Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviors developed by an Android application. The detection is performed with the static analysis of the...
ThreatIngestor An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing workflow with SQS, Beanstalk, and custom plugins. ThreatIngestor can be configured to watch Twitter, RSS feeds,...
Loki – Simple IOC Scanner Scanner for Simple Indicators of Compromise Detection is based on four detection methods: File Name IOC Regex match on full file path/name Yara Rule Check Yara signature match on...
PHP malware scanner Traversing directories for files with php extensions and testing files against text or regexp rules, the rules based on self-gathered samples and publicly available malwares/webshells. The goal is to find infected...
python-oletools oletools is a package of python tools to analyze Microsoft OLE2 files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), such as Microsoft Office documents or Outlook messages, mainly for malware...
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything...
ExtAnalysis Browser Extension Analysis Framework With ExtAnalysis you can : Download & Analyze Extensions From: Chrome Web Store Firefox Addons Analyze Installed Extensions of: Google Chrome Mozilla Firefox Opera Browser (Coming Soon) Upload and...
ripVT Maltego Canari transforms for Virus Total private API. Provided AS-IS, no warranties, no guarantees. Installation Requires Canari, specifically this branch/version Install Malformity git clone https://github.com/matonis/ripVT.git sudo python setup.py install canari create-profile ripVT Import generated ripVT.mtz...
Flerken – Open-Source Obfuscated Command Detection Tool Command line obfuscation has been proved to be a non-negligible factor in fileless malware or malicious actors that are “living off the land”. To bypass signature-based detection,...
Tyton Kernel-Mode Rootkit Hunter Detected Attacks Hidden Modules Syscall Table Hooking Network Protocol Hooking Netfilter Hooking Zeroed Process Inodes Process Fops Hooking Interrupt Descriptor Table Hooking Additional Features Notifications: Users (including myself) do not...
Suggested Reading TRENDING Linux news