Windows forensic and other free tools by Forensics, Programming, X-Ways. Certified SANS instructor.
MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target. ATT&CK is useful for understanding security risk against known adversary behavior, for planning security improvements, and verifying defenses work as expected.
Note: A MITRE Partnership Network (MPN) account is not required to view and use the ATT&CK site.
Machine learning has seen a remarkable rate of adoption in recent years across a broad spectrum of industries and applications. Many applications of machine learning techniques are adversarial in nature, insofar as the goal is to distinguish instances which are "bad" from those which are "good". Indeed, adversarial use goes well beyond this simple classification example: forensic analysis of malware which incorporates clustering, anomaly detection, and even vision systems in autonomous vehicles could all potentially be subject to attacks. In response to these concerns, there is an emerging literature on adversarial machine learning, which spans both the analysis of vulnerabilities in machine learning algorithms, and algorithmic techniques which yield more robust learning.
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux, and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports. This website gives you access to the Community Edition of Joe Sandbox Cloud. It allows you to run a maximum of 30 analyses / month, 3 analyses / day on Windows, Linux and Android with limited analysis output.
Robtex uses various sources to gather public information about IP numbers, domain names, host names, Autonomous systems, routes etc. It then indexes the data in a big database and provides free access to the data.
We aim to make the fastest and most comprehensive free DNS lookup tool on the Internet.
Our database now contains billions of documents of internet data collected over more than a decade.
We share data that reveals how the rules and actions of administrative authorities and companies affect privacy, security and access to information.
A Search Engine for Threats
Questions and Answers on Developing QRadar Applications
Welcome to OmniSecu.com (Free Networking Tutorials, Free System Administration Tutorials and Free Security Tutorials). Here you can gain the basic and intermediate level knowledge in Networking, Network Security, and System Security absolutely FREE! We have organized all technical information for a beginner in Networking, Network Security and System Security here. We will guide you step-by-step in the learning process, and make sure that you will become a master. Remember, nothing can replace knowledge in the IT world.
This meetup aims to show you live how to capture and analyze your first malware samples, from setting up a honeypot to identifying the control server.
I have nothing to hide. Actually, I do, and so do you!
Threat Hunting: Beyond Alerts & IOCs
We’ve compiled the best insights from subject matter experts and industry insiders for you in one place, so you can dive deep into the latest of what’s happening in the world of security.
For people who are not familiar with challenge sites, a challenge site is a site that offers, in particular, problems related to computing. There are many types of challenges. The most common are the following: Cryptography, Crackme, Steganography, Programming, Logic and Maths/Science. The difficulty of these challenges varies as well.
TL;DR: Mailsploit is a collection of bugs in email clients that allow effective sender spoofing and code injection attacks. The spoofing is not detected by Mail Transfer Agents (MTA) aka email servers, therefore circumventing spoofing protection mechanisms such as DMARC (DKIM/SPF) or spam filters.
This page lists some good books recommended by current and past students for a variety of subjects related to the degree. Feel free to add books as you read them if they are relevant!
Books for the Interested Reader
The goal of this website is to raise some awareness on this issue and have people think about how they use services like Foursquare, Brightkite, Google Buzz etc. Because all this site is, is a dressed up Twitter search page. Everybody can get this information.
To access our online accounts, we often use "weak" passwords or the same password across several accounts. Here are a few tips for managing your personal passwords securely.
It is a complicated, arduous, and time-consuming task for even experienced system administrators to know what a reasonable set of security settings is for any operating system. Thus, the FIRST Best Practice Guide Library intends to assist FIRST Team Members and the public in general in configuring their systems securely by providing configuration templates and security guidelines.
Also, this initiative aims at recognizing FIRST members' work and promoting it outside the FIRST community.