UNDERCODE COMMUNITY

🦑#MALWARES Threat intelligence and IOC resources.

[Autoshun](https://www.autoshun.org/) ([list](https://www.autoshun.org/files/shunlist.csv)) -
Snort plugin and blocklist.

Bambenek Consulting Feeds -
OSINT feeds based on malicious DGA algorithms.

[Fidelis Barncat](https://www.fidelissecurity.com/resources/fidelis-barncat) -
Extensive malware config database (must request access).

CI Army (list) -
Network security blocklists.

[Critical Stack- Free Intel Market](https://intel.criticalstack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.

Cybercrime tracker - Multiple botnet active tracker.

[FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.

FireHOL IP Lists - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.

[HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.

hpfeeds - Honeypot feed protocol.

[Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.

InQuest REPdb - Continuous aggregation of IOCs from a variety of open reputation sources.

[InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.

Internet Storm Center (DShield) - Diary and
searchable incident database, with a web API.
(unofficial Python library).

[malc0de](http://malc0de.com/database/) - Searchable incident database.

Malware Domain List - Search and share
malicious URLs.

[MetaDefender Threat Intelligence Feed](https://www.opswat.com/developers/threat-intelligence-feed) -
List of the most looked up file hashes from MetaDefender Cloud.

OpenIOC -
Framework for sharing threat intelligence.

[Proofpoint Threat Intelligence](https://www.proofpoint.com/us/products/et-intelligence) -
Rulesets and more. (Formerly Emerging Threats.)

Ransomware overview

✅2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

🦑A list of ransomware overview with details, detection and prevention !!

[STIX - Structured Threat Information eXpression](http://stixproject.github.io)
Standardized language to represent and share cyber threat information.
Related efforts from [MITRE](https://www.mitre.org/):

- [CAPEC - Common Attack Pattern Enumeration and Classification](http://capec.mitre.org/)

- [CybOX - Cyber Observables eXpression](http://cyboxproject.github.io)

- [MAEC - Malware Attribute Enumeration and Characterization](http://maec.mitre.org/)

- [TAXII - Trusted Automated eXchange of Indicator Information](http://taxiiproject.github.io)

SystemLookup - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.

[ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.

threatRECON - Search for indicators, up to 1000
free per month.

[Yara rules](https://github.com/Yara-Rules/rules) - Yara rules repository.


ZeuS Tracker - ZeuS
blocklists.


#Detection and Classification
#MALWARES 2020

Antivirus and other malware identification tools

[AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a
variety of tools for reporting on Windows PE files.

Assemblyline - A scalable
distributed file analysis framework.

[BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless
AWS pipeline that scans and alerts on uploaded files based on a set of
YARA rules.

chkrootkit - Local Linux rootkit detection.

[ClamAV](http://www.clamav.net/) - Open source antivirus engine.

Detect It Easy (DiE) - A program for determining types of files.

[Exeinfo PE](http://exeinfo.pe.hu/) - Packer, compressor detector, unpack
info, internal exe tools.

ExifTool - Read, write and
edit file metadata.

[File Scanning Framework](https://github.com/EmersonElectricCo/fsf) -
Modular, recursive file scanning solution.

Generic File Parser - A single-library parser to extract meta information, perform static analysis and detect macros within files.

[hashdeep](https://github.com/jessek/hashdeep) - Compute digest hashes with
a variety of algorithms.

HashCheck - Windows shell extension
to compute hashes with a variety of algorithms.

[Loki](https://github.com/Neo23x0/Loki) - Host based scanner for IOCs.

Malfunction - Catalog and
compare malware at a function level.

[Manalyze](https://github.com/JusticeRage/Manalyze) - Static analyzer for PE
executables.

MASTIFF - Static analysis
framework.

[MultiScanner](https://github.com/mitre/multiscanner) - Modular file
scanning/analysis framework

Nauz File Detector(NFD) - Linker/Compiler/Tool detector for Windows, Linux and MacOS.

[nsrllookup](https://github.com/rjhansen/nsrllookup) - A tool for looking
up hashes in NIST's National Software Reference Library database.

packerid - A cross-platform
Python alternative to PEiD.

[PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
files.

PEframe - PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

[PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
files, providing feature-rich tools for proper analysis of suspicious binaries.

PortEx - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.

[Quark-Engine](https://github.com/quark-engine/quark-engine) - An Obfuscation-Neglect Android Malware Scoring System

Rootkit Hunter - Detect Linux rootkits.

[ssdeep](https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes.

totalhash.py -
Python script for easy searching of the TotalHash.cymru.com
database.

ENJOY ❤️👍🏻

🦑Online #Scanners and #Sandboxes topic

Web-based multi-AV scanners, and malware sandboxes for automated analysis.


[anlyz.io](https://sandbox.anlyz.io/) - Online sandbox.

any.run - Online interactive sandbox.

[AndroTotal](https://andrototal.org/) - Free online analysis of APKs
against multiple mobile antivirus apps.

AVCaesar - Malware.lu online scanner and
malware repository.

[BoomBox](https://github.com/nbeede/BoomBox) - Automatic deployment of Cuckoo
Sandbox malware lab using Packer and Vagrant.

Cryptam - Analyze suspicious office documents.

[Cuckoo Sandbox](https://cuckoosandbox.org/) - Open source, self hosted
sandbox and automated analysis system.

cuckoo-modified - Modified
version of Cuckoo Sandbox released under the GPL. Not merged upstream due to
legal concerns by the author.

[cuckoo-modified-api](https://github.com/keithjjones/cuckoo-modified-api) - A
Python API used to control a cuckoo-modified sandbox.

DeepViz - Multi-format file analyzer with
machine-learning classification.

[detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do
traffic analysis of Linux malware and capture IOCs.

DRAKVUF - Dynamic malware analysis


🦑#Domain Analysis Topic resources 2020

Inspect domains and IP addresses.


[AbuseIPDB](https://www.abuseipdb.com/) - AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.

badips.com - Community based IP blacklist service.

[boomerang](https://github.com/EmersonElectricCo/boomerang) - A tool designed for consistent and safe capture of off network web resources.

Cymon - Threat intelligence tracker, with IP/domain/hash search.

[Desenmascara.me](http://desenmascara.me) - One click tool to retrieve as much metadata as possible for a website and to assess its good standing.

Dig - Free online dig and other
network tools.

[dnstwist](https://github.com/elceef/dnstwist) - Domain name permutation
engine for detecting typo squatting, phishing and corporate espionage.

IPinfo - Gather information
about an IP or domain by searching online resources.


[mailchecker](https://github.com/FGRibreau/mailchecker) - Cross-language
temporary email detection library.

MaltegoVT - Maltego transform
for the VirusTotal API. Allows domain/IP research, and searching for file
hashes and scan reports.

[Multi rbl](http://multirbl.valli.org/) - Multiple DNS blacklist and forward
confirmed reverse DNS lookup over more than 300 RBLs.

NormShield Services - Free API Services
for detecting possible phishing domains, blacklisted ip addresses and breached
accounts.

[PhishStats](https://phishstats.info/) - Phishing Statistics with search for
IP, domain and website title

Spyse - Subdomains, whois, related domains, DNS, hosts AS, SSL/TLS info.

[SecurityTrails](https://securitytrails.com/) - Historical and current WHOIS,
historical and current DNS records, similar domains, certificate information
and other domain and IP related API and tools.

SpamCop - IP based spam block list.

[SpamHaus](https://www.spamhaus.org/lookup/) - Block list based on
domains and IPs.

Sucuri SiteCheck - Free Website Malware
and Security Scanner.


🦑File #Carving #Malwares

Extracting files from inside disk and memory images.

[bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
carving tool.

EVTXtract - Carve Windows
Event Log files from raw binary data.

[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.

hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.

[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.

SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).


🦑WHEN SANDBOX BECOME A MALWARE ?
#FastTip

Nearly every malware analysis sandbox looks at the system call interface or the Windows API when monitoring the behavior of a user mode process. ...

> In other words, a sandbox may see a malware read from a script, but it can not tell how the malware actually handles the data.


🦑Essential malware analysis reading material #resources
#Malware

[Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware

Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks

[Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills

Practical Malware Analysis - The Hands-On
Guide to Dissecting Malicious Software.

[Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) -
Intermediate Reverse Engineering.

Real Digital Forensics - Computer
Security and Incident Response.

[Rootkits and Bootkits](https://www.amazon.com/dp/1593277164) - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats

The Art of Memory Forensics - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.

[The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
to the World's Most Popular Disassembler.

The Rootkit Arsenal - The Rootkit Arsenal:
Escape and Evasion in the Dark Corners of the System





🦑 #Awesome repo Lists new :


[Android Security](https://github.com/ashishb/android-security-awesome)

AppSec

[CTFs](https://github.com/apsdehal/awesome-ctf)

Forensics

["Hacking"](https://github.com/carpedm20/awesome-hacking)

Honeypots

[Industrial Control System Security](https://github.com/hslatman/awesome-industrial-control-system-security)

Incident-Response

[Infosec](https://github.com/onlurking/awesome-infosec)

PCAP Tools

[Pentesting](https://github.com/enaqx/awesome-pentest)

Security

[Threat Intelligence](https://github.com/hslatman/awesome-threat-intelligence)

YARA


🦑MALWARE RESOURCES :


* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analysis.

* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for

* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool
that automatically ranks strings based on their relevance for malware analysis.

* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.

* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.

* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
malware analysis.

* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/download-windbg) - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.

* [X64dbg](https://github.com/x64dbg/) - An open-source x64/x32 debugger for Windows.

* [iocextract](https://github.com/InQuest/python-iocextract) - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.


🦑Helpful Termux tool:

FEATURES:

>Grab email passwords NEW!
>Check passwords leaked.
>Check hash code leaked.
>Check email leaked!

INSTALLATION & RUN:

1️⃣sudo apt update && sudo apt install python3 python3-pip

2️⃣git clone https://github.com/GitHackTools/Leaked

3️⃣cd Leaked

4️⃣bash install_update.sh

5️⃣python3 leaked.py

6️⃣CHOOSE OPTIONS VIA NUMBER SIMPLY
