Security Training Share
EKFiddle v0.9.3.7 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog Added support for multiple detections per web session Fixed bug with self-detection Features...
Mordor Gates The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation (JSON) files for easy consumption. The pre-recorded data is categorized by platforms, adversary...
LiSa Project providing automated Linux malware analysis on various CPU architectures. Features QEMU emulation. Currently supporting x86_64, i386, arm, mips, aarch64. Small images built w/ buildroot. Radare2 based static analysis. Dynamic (behavioral) analysis using SystemTap...
Volatility 3: The volatile memory extraction framework Volatility is the world’s most widely used framework for extracting digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system...
Forager Do you ever wonder if there is an easier way to retrieve, store, and maintain all your threat intelligence data? Random user, meet Forager. Not all threat intel implementations require a database that...
PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps a variety of implants within the...
Loki – Simple IOC Scanner Scanner for Simple Indicators of Compromise Detection is based on four detection methods: File Name IOC Regex match on full file path/name Yara Rule Check Yara signature match on...
AMIRA: Automated Malware Incident Response & Analysis AMIRA is a service for automatically running the analysis on the OSXCollector output files. The automated analysis is performed via OSXCollector Output Filters, in particular, The One Filter to Rule...
Project Aura: Security audits for packages The current trend in the development is to use a lot of packages in the development phase, even if they provide only trivial functionality and consist of 11...
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe)...
