β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 #Anonymizers
Web traffic anonymizers for analysts.
[Anonymouse.org](http://anonymouse.org/) - A free, web based anonymizer.
OpenVPN - VPN software and hosting solutions.
[Privoxy](http://www.privoxy.org/) - An open source proxy server with some
privacy features.
Tor - The Onion Router, for browsing the web
without leaving traces of the client IP.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 #Anonymizers
Web traffic anonymizers for analysts.
[Anonymouse.org](http://anonymouse.org/) - A free, web based anonymizer.
OpenVPN - VPN software and hosting solutions.
[Privoxy](http://www.privoxy.org/) - An open source proxy server with some
privacy features.
Tor - The Onion Router, for browsing the web
without leaving traces of the client IP.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
OpenVPN
Business VPN For Secure Networking | OpenVPN
OpenVPN provides secure remote access for businesses. Our self-hosted and cloud-managed solutions offer zero trust network access built on the leading OpenVPN protocol.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦TOP #Malware
Malware samples collected for analysis.
[Contagio](http://contagiodump.blogspot.com/) - A collection of recent
malware samples and analyses.
Exploit Database - Exploit and shellcode
samples.
[Infosec - CERT-PA](https://infosec.cert-pa.it/analyze/submission.html) - Malware samples collection and analysis.
InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.
[Javascript Mallware Collection](https://github.com/HynekPetrak/javascript-malware-collection) - Collection of almost 40.000 javascript malware samples
Malpedia - A resource providing
rapid identification and actionable context for malware investigations.
[Malshare](https://malshare.com) - Large repository of malware actively
scrapped from malicious sites.
Open Malware Project - Sample information and
downloads. Formerly Offensive Computing.
[Ragpicker](https://github.com/robbyFux/Ragpicker) - Plugin based malware
crawler with pre-analysis and reporting functionalities
theZoo - Live malware samples for
analysts.
[Tracker h3x](http://tracker.h3x.eu/) - Agregator for malware corpus tracker
and malicious download sites.
vduddu malware repo - Collection of
various malware files and source code.
[VirusBay](https://beta.virusbay.io/) - Community-Based malware repository and social network.
ViruSign - Malware database that detected by
many anti malware programs except ClamAV.
[VirusShare](https://virusshare.com/) - Malware repository, registration
required.
VX Vault - Active collection of malware samples.
[Zeltser's Sources](https://zeltser.com/malware-sample-sources/) - A list
of malware sample sources put together by Lenny Zeltser.
Zeus Source Code - Source for the Zeus
trojan leaked in 2011.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦TOP #Malware
Malware samples collected for analysis.
[Contagio](http://contagiodump.blogspot.com/) - A collection of recent
malware samples and analyses.
Exploit Database - Exploit and shellcode
samples.
[Infosec - CERT-PA](https://infosec.cert-pa.it/analyze/submission.html) - Malware samples collection and analysis.
InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.
[Javascript Mallware Collection](https://github.com/HynekPetrak/javascript-malware-collection) - Collection of almost 40.000 javascript malware samples
Malpedia - A resource providing
rapid identification and actionable context for malware investigations.
[Malshare](https://malshare.com) - Large repository of malware actively
scrapped from malicious sites.
Open Malware Project - Sample information and
downloads. Formerly Offensive Computing.
[Ragpicker](https://github.com/robbyFux/Ragpicker) - Plugin based malware
crawler with pre-analysis and reporting functionalities
theZoo - Live malware samples for
analysts.
[Tracker h3x](http://tracker.h3x.eu/) - Agregator for malware corpus tracker
and malicious download sites.
vduddu malware repo - Collection of
various malware files and source code.
[VirusBay](https://beta.virusbay.io/) - Community-Based malware repository and social network.
ViruSign - Malware database that detected by
many anti malware programs except ClamAV.
[VirusShare](https://virusshare.com/) - Malware repository, registration
required.
VX Vault - Active collection of malware samples.
[Zeltser's Sources](https://zeltser.com/malware-sample-sources/) - A list
of malware sample sources put together by Lenny Zeltser.
Zeus Source Code - Source for the Zeus
trojan leaked in 2011.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Exploit-Db
OffSecβs Exploit Database Archive
The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Open Source #Threat Intelligence
#Tools for creating Malwares & resources :
Harvest and analyze IOCs.
[AbuseHelper](https://github.com/abusesa/abusehelper) - An open-source
framework for receiving and redistributing abuse feeds and threat intel.
AlienVault Open Threat Exchange - Share and
collaborate in developing Threat Intelligence.
[Combine](https://github.com/mlsecproject/combine) - Tool to gather Threat
Intelligence indicators from publicly available sources.
Fileintel - Pull intelligence per file hash.
[Hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host.
IntelMQ -
A tool for CERTs for processing incident data using a message queue.
[IOC Editor](https://www.fireeye.com/services/freeware/ioc-editor.html) -
A free editor for XML IOC files.
iocextract - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
[ioc_writer](https://github.com/mandiant/ioc_writer) - Python library for
working with OpenIOC objects, from Mandiant.
MalPipe - Malware/IOC ingestion and
processing engine, that enriches collected data.
[Massive Octo Spice](https://github.com/csirtgadgets/massive-octo-spice) -
Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs
from various lists. Curated by the
[CSIRT Gadgets Foundation](http://csirtgadgets.org/collective-intelligence-framework).
MISP - Malware Information Sharing
Platform curated by The MISP Project.
[Pulsedive](https://pulsedive.com) - Free, community-driven threat intelligence platform collecting IOCs from open-source feeds.
PyIOCe - A Python OpenIOC editor.
[RiskIQ](https://community.riskiq.com/) - Research, connect, tag and
share IPs and domains. (Was PassiveTotal.)
threataggregator -
Aggregates security threats from a number of sources, including some of
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Open Source #Threat Intelligence
#Tools for creating Malwares & resources :
Harvest and analyze IOCs.
[AbuseHelper](https://github.com/abusesa/abusehelper) - An open-source
framework for receiving and redistributing abuse feeds and threat intel.
AlienVault Open Threat Exchange - Share and
collaborate in developing Threat Intelligence.
[Combine](https://github.com/mlsecproject/combine) - Tool to gather Threat
Intelligence indicators from publicly available sources.
Fileintel - Pull intelligence per file hash.
[Hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host.
IntelMQ -
A tool for CERTs for processing incident data using a message queue.
[IOC Editor](https://www.fireeye.com/services/freeware/ioc-editor.html) -
A free editor for XML IOC files.
iocextract - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
[ioc_writer](https://github.com/mandiant/ioc_writer) - Python library for
working with OpenIOC objects, from Mandiant.
MalPipe - Malware/IOC ingestion and
processing engine, that enriches collected data.
[Massive Octo Spice](https://github.com/csirtgadgets/massive-octo-spice) -
Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs
from various lists. Curated by the
[CSIRT Gadgets Foundation](http://csirtgadgets.org/collective-intelligence-framework).
MISP - Malware Information Sharing
Platform curated by The MISP Project.
[Pulsedive](https://pulsedive.com) - Free, community-driven threat intelligence platform collecting IOCs from open-source feeds.
PyIOCe - A Python OpenIOC editor.
[RiskIQ](https://community.riskiq.com/) - Research, connect, tag and
share IPs and domains. (Was PassiveTotal.)
threataggregator -
Aggregates security threats from a number of sources, including some of
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - abusesa/abusehelper: A framework for receiving and redistributing abuse feeds
A framework for receiving and redistributing abuse feeds - abusesa/abusehelper
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Client installation under Windows
#Fast Tip
Let's look at what happens when you install the client on Windows. No matter how hidden the process of installing the server, some initial data will still have to be set, explicitly requesting it from the user or setting some default values.
During the installation process of the InterBase client, you need to specify the directory where InterBase will be installed
> let's call it <InterBase root>. Client installation includes the following steps:
1)Copy files included in the client.
2) Register files for sharing.
3) Create registry keys.
4)Registration of the TCP / IP service.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Client installation under Windows
#Fast Tip
Let's look at what happens when you install the client on Windows. No matter how hidden the process of installing the server, some initial data will still have to be set, explicitly requesting it from the user or setting some default values.
During the installation process of the InterBase client, you need to specify the directory where InterBase will be installed
> let's call it <InterBase root>. Client installation includes the following steps:
1)Copy files included in the client.
2) Register files for sharing.
3) Create registry keys.
4)Registration of the TCP / IP service.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#MALWARES Threat intelligence and IOC resources.
[Autoshun](https://www.autoshun.org/) ([list](https://www.autoshun.org/files/shunlist.csv)) -
Snort plugin and blocklist.
Bambenek Consulting Feeds -
OSINT feeds based on malicious DGA algorithms.
[Fidelis Barncat](https://www.fidelissecurity.com/resources/fidelis-barncat) -
Extensive malware config database (must request access).
CI Army (list) -
Network security blocklists.
[Critical Stack- Free Intel Market](https://intel.criticalstack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
Cybercrime tracker - Multiple botnet active tracker.
[FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
FireHOL IP Lists - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
[HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
hpfeeds - Honeypot feed protocol.
[Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
InQuest REPdb - Continuous aggregation of IOCs from a variety of open reputation sources.
[InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
Internet Storm Center (DShield) - Diary and
searchable incident database, with a web API.
(unofficial Python library).
[malc0de](http://malc0de.com/database/) - Searchable incident database.
Malware Domain List - Search and share
malicious URLs.
[MetaDefender Threat Intelligence Feed](https://www.opswat.com/developers/threat-intelligence-feed) -
List of the most looked up file hashes from MetaDefender Cloud.
OpenIOC -
Framework for sharing threat intelligence.
[Proofpoint Threat Intelligence](https://www.proofpoint.com/us/products/et-intelligence) -
Rulesets and more. (Formerly Emerging Threats.)
Ransomware overview
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#MALWARES Threat intelligence and IOC resources.
[Autoshun](https://www.autoshun.org/) ([list](https://www.autoshun.org/files/shunlist.csv)) -
Snort plugin and blocklist.
Bambenek Consulting Feeds -
OSINT feeds based on malicious DGA algorithms.
[Fidelis Barncat](https://www.fidelissecurity.com/resources/fidelis-barncat) -
Extensive malware config database (must request access).
CI Army (list) -
Network security blocklists.
[Critical Stack- Free Intel Market](https://intel.criticalstack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
Cybercrime tracker - Multiple botnet active tracker.
[FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
FireHOL IP Lists - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
[HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
hpfeeds - Honeypot feed protocol.
[Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
InQuest REPdb - Continuous aggregation of IOCs from a variety of open reputation sources.
[InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
Internet Storm Center (DShield) - Diary and
searchable incident database, with a web API.
(unofficial Python library).
[malc0de](http://malc0de.com/database/) - Searchable incident database.
Malware Domain List - Search and share
malicious URLs.
[MetaDefender Threat Intelligence Feed](https://www.opswat.com/developers/threat-intelligence-feed) -
List of the most looked up file hashes from MetaDefender Cloud.
OpenIOC -
Framework for sharing threat intelligence.
[Proofpoint Threat Intelligence](https://www.proofpoint.com/us/products/et-intelligence) -
Rulesets and more. (Formerly Emerging Threats.)
Ransomware overview
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A list of ransomware overview with details, detection and prevention !!
[STIX - Structured Threat Information eXpression](http://stixproject.github.io)
Standardized language to represent and share cyber threat information.
Related efforts from [MITRE](https://www.mitre.org/):
- [CAPEC - Common Attack Pattern Enumeration and Classification](http://capec.mitre.org/)
- [CybOX - Cyber Observables eXpression](http://cyboxproject.github.io)
- [MAEC - Malware Attribute Enumeration and Characterization](http://maec.mitre.org/)
- [TAXII - Trusted Automated eXchange of Indicator Information](http://taxiiproject.github.io)
SystemLookup - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
[ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
threatRECON - Search for indicators, up to 1000
free per month.
[Yara rules](https://github.com/Yara-Rules/rules) - Yara rules repository.
ZeuS Tracker - ZeuS
blocklists.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦A list of ransomware overview with details, detection and prevention !!
[STIX - Structured Threat Information eXpression](http://stixproject.github.io)
Standardized language to represent and share cyber threat information.
Related efforts from [MITRE](https://www.mitre.org/):
- [CAPEC - Common Attack Pattern Enumeration and Classification](http://capec.mitre.org/)
- [CybOX - Cyber Observables eXpression](http://cyboxproject.github.io)
- [MAEC - Malware Attribute Enumeration and Characterization](http://maec.mitre.org/)
- [TAXII - Trusted Automated eXchange of Indicator Information](http://taxiiproject.github.io)
SystemLookup - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
[ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
threatRECON - Search for indicators, up to 1000
free per month.
[Yara rules](https://github.com/Yara-Rules/rules) - Yara rules repository.
ZeuS Tracker - ZeuS
blocklists.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
capec.mitre.org
CAPEC -
Common Attack Pattern Enumeration and Classification (CAPECβ’)
Common Attack Pattern Enumeration and Classification (CAPECβ’)
Common Attack Pattern Enumeration and Classification (CAPEC) is a list of software weaknesses.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
#Detection and Classification
#MALWARES 2020
Antivirus and other malware identification tools
[AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a
variety of tools for reporting on Windows PE files.
Assemblyline - A scalable
distributed file analysis framework.
[BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless
AWS pipeline that scans and alerts on uploaded files based on a set of
YARA rules.
chkrootkit - Local Linux rootkit detection.
[ClamAV](http://www.clamav.net/) - Open source antivirus engine.
Detect It Easy(DiE) - A
program for
determining types of files.
[Exeinfo PE](http://exeinfo.pe.hu/) - Packer, compressor detector, unpack
info, internal exe tools.
ExifTool - Read, write and
edit file metadata.
[File Scanning Framework](https://github.com/EmersonElectricCo/fsf) -
Modular, recursive file scanning solution.
Generic File Parser - A Single Library Parser to extract meta information,static analysis and detect macros within the files.
[hashdeep](https://github.com/jessek/hashdeep) - Compute digest hashes with
a variety of algorithms.
HashCheck - Windows shell extension
to compute hashes with a variety of algorithms.
[Loki](https://github.com/Neo23x0/Loki) - Host based scanner for IOCs.
Malfunction - Catalog and
compare malware at a function level.
[Manalyze](https://github.com/JusticeRage/Manalyze) - Static analyzer for PE
executables.
MASTIFF - Static analysis
framework.
[MultiScanner](https://github.com/mitre/multiscanner) - Modular file
scanning/analysis framework
Nauz File Detector(NFD) - Linker/Compiler/Tool detector for Windows, Linux and MacOS.
[nsrllookup](https://github.com/rjhansen/nsrllookup) - A tool for looking
up hashes in NIST's National Software Reference Library database.
packerid - A cross-platform
Python alternative to PEiD.
[PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
files.
PEframe - PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
[PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
files, providing feature-rich tools for proper analysis of suspicious binaries.
PortEx - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.
[Quark-Engine](https://github.com/quark-engine/quark-engine) - An Obfuscation-Neglect Android Malware Scoring System
Rootkit Hunter - Detect Linux rootkits.
[ssdeep](https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes.
totalhash.py -
Python script for easy searching of the TotalHash.cymru.com
database.
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
#Detection and Classification
#MALWARES 2020
Antivirus and other malware identification tools
[AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a
variety of tools for reporting on Windows PE files.
Assemblyline - A scalable
distributed file analysis framework.
[BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless
AWS pipeline that scans and alerts on uploaded files based on a set of
YARA rules.
chkrootkit - Local Linux rootkit detection.
[ClamAV](http://www.clamav.net/) - Open source antivirus engine.
Detect It Easy(DiE) - A
program for
determining types of files.
[Exeinfo PE](http://exeinfo.pe.hu/) - Packer, compressor detector, unpack
info, internal exe tools.
ExifTool - Read, write and
edit file metadata.
[File Scanning Framework](https://github.com/EmersonElectricCo/fsf) -
Modular, recursive file scanning solution.
Generic File Parser - A Single Library Parser to extract meta information,static analysis and detect macros within the files.
[hashdeep](https://github.com/jessek/hashdeep) - Compute digest hashes with
a variety of algorithms.
HashCheck - Windows shell extension
to compute hashes with a variety of algorithms.
[Loki](https://github.com/Neo23x0/Loki) - Host based scanner for IOCs.
Malfunction - Catalog and
compare malware at a function level.
[Manalyze](https://github.com/JusticeRage/Manalyze) - Static analyzer for PE
executables.
MASTIFF - Static analysis
framework.
[MultiScanner](https://github.com/mitre/multiscanner) - Modular file
scanning/analysis framework
Nauz File Detector(NFD) - Linker/Compiler/Tool detector for Windows, Linux and MacOS.
[nsrllookup](https://github.com/rjhansen/nsrllookup) - A tool for looking
up hashes in NIST's National Software Reference Library database.
packerid - A cross-platform
Python alternative to PEiD.
[PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
files.
PEframe - PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
[PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
files, providing feature-rich tools for proper analysis of suspicious binaries.
PortEx - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.
[Quark-Engine](https://github.com/quark-engine/quark-engine) - An Obfuscation-Neglect Android Malware Scoring System
Rootkit Hunter - Detect Linux rootkits.
[ssdeep](https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes.
totalhash.py -
Python script for easy searching of the TotalHash.cymru.com
database.
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - hiddenillusion/AnalyzePE: Wraps around various tools and provides some additional checks/information to produce a centralizedβ¦
Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file. - hiddenillusion/AnalyzePE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Online #Scanners and #Sandboxes topic
Web-based multi-AV scanners, and malware sandboxes for automated analysis.
[anlyz.io](https://sandbox.anlyz.io/) - Online sandbox.
any.run - Online interactive sandbox.
[AndroTotal](https://andrototal.org/) - Free online analysis of APKs
against multiple mobile antivirus apps.
AVCaesar - Malware.lu online scanner and
malware repository.
[BoomBox](https://github.com/nbeede/BoomBox) - Automatic deployment of Cuckoo
Sandbox malware lab using Packer and Vagrant.
Cryptam - Analyze suspicious office documents.
[Cuckoo Sandbox](https://cuckoosandbox.org/) - Open source, self hosted
sandbox and automated analysis system.
cuckoo-modified - Modified
version of Cuckoo Sandbox released under the GPL. Not merged upstream due to
legal concerns by the author.
[cuckoo-modified-api](https://github.com/keithjjones/cuckoo-modified-api) - A
Python API used to control a cuckoo-modified sandbox.
DeepViz - Multi-format file analyzer with
machine-learning classification.
[detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do
traffic analysis of Linux malwares and capturing IOCs.
DRAKVUF - Dynamic malware analysis
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Online #Scanners and #Sandboxes topic
Web-based multi-AV scanners, and malware sandboxes for automated analysis.
[anlyz.io](https://sandbox.anlyz.io/) - Online sandbox.
any.run - Online interactive sandbox.
[AndroTotal](https://andrototal.org/) - Free online analysis of APKs
against multiple mobile antivirus apps.
AVCaesar - Malware.lu online scanner and
malware repository.
[BoomBox](https://github.com/nbeede/BoomBox) - Automatic deployment of Cuckoo
Sandbox malware lab using Packer and Vagrant.
Cryptam - Analyze suspicious office documents.
[Cuckoo Sandbox](https://cuckoosandbox.org/) - Open source, self hosted
sandbox and automated analysis system.
cuckoo-modified - Modified
version of Cuckoo Sandbox released under the GPL. Not merged upstream due to
legal concerns by the author.
[cuckoo-modified-api](https://github.com/keithjjones/cuckoo-modified-api) - A
Python API used to control a cuckoo-modified sandbox.
DeepViz - Multi-format file analyzer with
machine-learning classification.
[detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do
traffic analysis of Linux malwares and capturing IOCs.
DRAKVUF - Dynamic malware analysis
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
app.any.run
Interactive Online Malware Analysis Sandbox - ANY.RUN
Cloud-based malware analysis service. Take your information security to the next level. Analyze suspicious and malicious activities using our innovative tools.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Domain Analysis Topic resources 2020
Inspect domains and IP addresses.
[AbuseIPDB](https://www.abuseipdb.com/) - AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.
badips.com - Community based IP blacklist service.
[boomerang](https://github.com/EmersonElectricCo/boomerang) - A tool designed for consistent and safe capture of off network web resources.
Cymon - Threat intelligence tracker, with IP/domain/hash search.
[Desenmascara.me](http://desenmascara.me) - One click tool to retrieve as much metadata as possible for a website and to assess its good standing.
Dig - Free online dig and other
network tools.
[dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation
engine for detecting typo squatting, phishing and corporate espionage.
IPinfo - Gather information
about an IP or domain by searching online resources.
[mailchecker](https://github.com/FGRibreau/mailchecker) - Cross-language
temporary email detection library.
MaltegoVT - Maltego transform
for the VirusTotal API. Allows domain/IP research, and searching for file
hashes and scan reports.
[Multi rbl](http://multirbl.valli.org/) - Multiple DNS blacklist and forward
confirmed reverse DNS lookup over more than 300 RBLs.
NormShield Services - Free API Services
for detecting possible phishing domains, blacklisted ip addresses and breached
accounts.
[PhishStats](https://phishstats.info/) - Phishing Statistics with search for
IP, domain and website title
Spyse - subdomains, whois, realted domains, DNS, hosts AS, SSL/TLS info,
[SecurityTrails](https://securitytrails.com/) - Historical and current WHOIS,
historical and current DNS records, similar domains, certificate information
and other domain and IP related API and tools.
SpamCop - IP based spam block list.
[SpamHaus](https://www.spamhaus.org/lookup/) - Block list based on
domains and IPs.
Sucuri SiteCheck - Free Website Malware
and Security Scanner.
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Domain Analysis Topic resources 2020
Inspect domains and IP addresses.
[AbuseIPDB](https://www.abuseipdb.com/) - AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.
badips.com - Community based IP blacklist service.
[boomerang](https://github.com/EmersonElectricCo/boomerang) - A tool designed for consistent and safe capture of off network web resources.
Cymon - Threat intelligence tracker, with IP/domain/hash search.
[Desenmascara.me](http://desenmascara.me) - One click tool to retrieve as much metadata as possible for a website and to assess its good standing.
Dig - Free online dig and other
network tools.
[dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation
engine for detecting typo squatting, phishing and corporate espionage.
IPinfo - Gather information
about an IP or domain by searching online resources.
[mailchecker](https://github.com/FGRibreau/mailchecker) - Cross-language
temporary email detection library.
MaltegoVT - Maltego transform
for the VirusTotal API. Allows domain/IP research, and searching for file
hashes and scan reports.
[Multi rbl](http://multirbl.valli.org/) - Multiple DNS blacklist and forward
confirmed reverse DNS lookup over more than 300 RBLs.
NormShield Services - Free API Services
for detecting possible phishing domains, blacklisted ip addresses and breached
accounts.
[PhishStats](https://phishstats.info/) - Phishing Statistics with search for
IP, domain and website title
Spyse - subdomains, whois, realted domains, DNS, hosts AS, SSL/TLS info,
[SecurityTrails](https://securitytrails.com/) - Historical and current WHOIS,
historical and current DNS records, similar domains, certificate information
and other domain and IP related API and tools.
SpamCop - IP based spam block list.
[SpamHaus](https://www.spamhaus.org/lookup/) - Block list based on
domains and IPs.
Sucuri SiteCheck - Free Website Malware
and Security Scanner.
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Abuseipdb
AbuseIPDB - IP address abuse reports - Making the Internet safer, one IP at a time
AbuseIPDB is an IP address blacklist for webmasters and sysadmins to report IP addresses engaging in abusive behavior on their networks, or check the report history of any IP.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦File #Carving #Mlawares
carving tool.
EVTXtract - Carve Windows
Event Log files from raw binary data.
[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.
hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.
[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.
SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦File #Carving #Mlawares
extracting files from inside disk and memory images.[bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
carving tool.
EVTXtract - Carve Windows
Event Log files from raw binary data.
[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.
hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.
[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.
SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - simsong/bulk_extractor: This is the development tree. Production downloads are at:
This is the development tree. Production downloads are at: - simsong/bulk_extractor
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WHEN SANDBOX BECOME A MALWARE ?
#FastTip
Nearly every malware analysis sandbox looks at the system call interface or the Windows API when monitoring the behavior of a user mode process. ...
> In other words, a sandbox may see a malware read from a script, but it can not tell how the malware actually handles the data.
π¦WHEN SANDBOX BECOME A MALWARE ?
#FastTip
Nearly every malware analysis sandbox looks at the system call interface or the Windows API when monitoring the behavior of a user mode process. ...
> In other words, a sandbox may see a malware read from a script, but it can not tell how the malware actually handles the data.
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Essential malware analysis reading material #resources
#Malware/
[Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware
Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks
[Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills
Practical Malware Analysis - The Hands-On
Guide to Dissecting Malicious Software.
[Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) -
Intermediate Reverse Engineering.
Real Digital Forensics - Computer
Security and Incident Response.
[Rootkits and Bootkits](https://www.amazon.com/dp/1593277164) - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
The Art of Memory Forensics - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.
[The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
to the World's Most Popular Disassembler.
The Rootkit Arsenal - The Rootkit Arsenal:
Escape and Evasion in the Dark Corners of the System
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Essential malware analysis reading material #resources
#Malware/
[Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware
Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks
[Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills
Practical Malware Analysis - The Hands-On
Guide to Dissecting Malicious Software.
[Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) -
Intermediate Reverse Engineering.
Real Digital Forensics - Computer
Security and Incident Response.
[Rootkits and Bootkits](https://www.amazon.com/dp/1593277164) - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
The Art of Memory Forensics - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.
[The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
to the World's Most Popular Disassembler.
The Rootkit Arsenal - The Rootkit Arsenal:
Escape and Evasion in the Dark Corners of the System
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Packt
Learning Malware Analysis | Packt
Understand malware analysis and its practical implementation
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ #Awesome repo Lists new :
[Android Security](https://github.com/ashishb/android-security-awesome)
AppSec
[CTFs](https://github.com/apsdehal/awesome-ctf)
Forensics
["Hacking"](https://github.com/carpedm20/awesome-hacking)
Honeypots
[Industrial Control System Security](https://github.com/hslatman/
awesome-industrial-control-system-security)
Incident-Response
[Infosec](https://github.com/onlurking/awesome-infosec)
PCAP Tools
[Pentesting](https://github.com/enaqx/awesome-pentest)
Security
[Threat Intelligence](https://github.com/hslatman/awesome-threat-
intelligence)
YARA
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ #Awesome repo Lists new :
[Android Security](https://github.com/ashishb/android-security-awesome)
AppSec
[CTFs](https://github.com/apsdehal/awesome-ctf)
Forensics
["Hacking"](https://github.com/carpedm20/awesome-hacking)
Honeypots
[Industrial Control System Security](https://github.com/hslatman/
awesome-industrial-control-system-security)
Incident-Response
[Infosec](https://github.com/onlurking/awesome-infosec)
PCAP Tools
[Pentesting](https://github.com/enaqx/awesome-pentest)
Security
[Threat Intelligence](https://github.com/hslatman/awesome-threat-
intelligence)
YARA
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ashishb/android-security-awesome: A collection of android security related resources
A collection of android security related resources - ashishb/android-security-awesome
π¦Bin For Spotify 3 Months Premium + ATRESplayer Premium
BIN: 5183024500xxxxxx
DATE: Rnd
CVV: Rnd
IP: USA πΊπΈ
β Spotify
β AteresPlayer
How use bin https://t.me/UnderCodeTesting/3768
BIN: 5183024500xxxxxx
DATE: Rnd
CVV: Rnd
IP: USA πΊπΈ
β Spotify
β AteresPlayer
How use bin https://t.me/UnderCodeTesting/3768
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MALWARE RESOURCES :
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis.
* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for
* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool
that automatically ranks strings based on their relevance for malware analysis.
* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.
* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
malware analysis.
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/download-windbg) - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
* [X64dbg](https://github.com/x64dbg/) - An open-source x64/x32 debugger for windows.
* [iocextract](https://github.com/InQuest/python-iocextract) - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MALWARE RESOURCES :
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis.
* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for
* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool
that automatically ranks strings based on their relevance for malware analysis.
* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.
* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
malware analysis.
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/download-windbg) - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
* [X64dbg](https://github.com/x64dbg/) - An open-source x64/x32 debugger for windows.
* [iocextract](https://github.com/InQuest/python-iocextract) - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
pidydx/SMRT
Sublime Malware Research Tool. Contribute to pidydx/SMRT development by creating an account on GitHub.