Bookmarks - wr0ng.name
page 1 / 3
58 results tagged analysis
THREAT MAP by LookingGlass https://map.lookingglasscyber.com/
Thu 16 Jul 2020 02:20:05 PM CEST
LookingGlass delivers the most comprehensive threat intelligence-driven solutions in the market enabling security teams to efficiently and effectively address threats throughout the cyber threat lifecycle.

With a scalable solutions portfolio of threat data feeds, a threat intelligence management platform, threat mitigation solutions, and threat intelligence services, LookingGlass enables security teams to prevent, detect, understand, and respond to analyzed, prioritized, relevant threats. Additionally, with a deep knowledge of the global Internet topology and near real time activity, LookingGlass helps organizations understand threats inside and outside their perimeter - including threats that may be impacting third party trusted partners, other organizations in their industry, and the latest threat trends impacting the global Internet at large.
analysis big cyberdefense data hacking it malware map security
Malpedia (Fraunhofer FKIE) https://malpedia.caad.fkie.fraunhofer.de/
Mon 06 Jul 2020 09:22:59 AM CEST
Malpedia is a free service offered by Fraunhofer FKIE.
Administration is led by Daniel Plohmann and Steffen Enders.

Mission Statement
The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.
Please respect the Terms of Service.

Also, please be aware that not all content on Malpedia is publicly available.
More specifically, you will need an account to access all data (malware samples, non-public YARA rules, ...).
In this regard, Malpedia is operated as an invite-only trust group.
analysis forensics malware OSINT research security wiki
Online PCAP Analyzer https://pcap.honeynet.org.my/v1/
Mon 18 May 2020 01:52:12 PM CEST
MyPcapAnalyzer is a service that analyzes pcap files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by Intrusion Detection Engines and other rulesets.
analysis forensics free network online security tool
Announcement: ZSHARK - Wireshark Sniffer for ConBee (Beta) · Issue #405 · dresden-elektronik/deconz-rest-plugin https://github.com/dresden-elektronik/deconz-rest-plugin/issues/405
Sun 26 Apr 2020 04:25:35 PM CEST
A helper tool to transfer sniffer data from ConBee USB dongle to a Wireshark instance.
analysis debug FOSS online protocols smartdevices smarthome sniff tools zigbee
NetSA Security Suite Overview https://tools.netsa.cert.org/overview.html
Fri 06 Mar 2020 10:17:38 AM CET
The NetSA Security Suite network sensing architecture is comprised of four major subsystems described below: sensor, collector, analysis, and alerting. These subsystems interconnect in order to collect, process, store, and analyze network communications.
analysis measures online research resources security systems tools
MQTT Explorer | An all-round MQTT client that provides a structured topic overview https://mqtt-explorer.com/
Fri 31 Jan 2020 01:15:22 AM CET
MQTT Explorer is a comprehensive MQTT client that provides a structured overview of your MQTT topics and makes working with devices/services on your broker dead-simple.
analysis debug free IOT MQTT opensource tools useful
CERT NetSA Security Suite https://tools.netsa.cert.org/index.html
Tue 24 Sep 2019 11:57:07 AM CEST
The Network Situational Awareness (NetSA) group at CERT has developed and maintains a suite of open source tools for monitoring large-scale networks using flow data. These tools have grown out of the work of the AirCERT project, the SiLK project and the effort to integrate this work into a unified, standards-compliant flow collection and analysis platform.

If you are new to the NetSA Security Suite, start with this overview of the components that comprise the NetSA Security Suite and their inter-operation.

CERT is a part of the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) operated by Carnegie Mellon University.
analysis backbone internet network online security tools
Note: Does tcpdump bypass iptables? https://superuser.com/a/925332
Mon 16 Sep 2019 03:18:15 PM CEST
This is a nice question.

As a matter of fact, tcpdump is the first software found after the wire (and the NIC, if you will) on the way IN, and the last one on the way OUT.

Wire -> NIC -> tcpdump -> netfilter/iptables

iptables -> tcpdump -> NIC -> Wire
Thus it sees all packets reaching your interface, and all packets leaving your interface. Since packets to port 53 do not get a reply, as seen by tcpdump, you have successfully verified that your iptables rules have been correctly configured.

EDIT

Perhaps I should add a few details. tcpdump is based on libpcap, a library which creates a packet socket. When a regular packet is received in the network stack, the kernel first checks to see whether there is a packet socket interested in the newly arrived packet and, if there is one, it forwards the packet to that packet socket. If the option ETH_P_ALL is chosen, then all protocols go thru the packet socket.

libpcap implements one such packet socket with the option activated, keeps a copy for its own use, and duplicates the packet back onto the network stack, where it is processed by the kernel in the usual way, including passing it first to netfilter, the kernel-space counterpart of iptables. Same thing, in reverse order (i.e., first netfilter then last the passage thru the packet socket), on the way out.

Is this prone to hacking? But of course. There are certainly proof-of-concept rootkits using libpcap to intercept communications destined to the rootkit before the firewall can lay its hand on them. But even this pales in comparison with the fact that a simple Google query unearths working code hiding traffic even from libpcap. Still, most professionals think the advantages vastly outweigh the disadvantages, in debugging network packet filters.
analysis debug knowledge networking tools
Java Decompiler http://java-decompiler.github.io/
Tue 27 Aug 2019 02:14:17 PM CEST
The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.

JD-Eclipse is a plug-in for the Eclipse platform. It allows you to display all the Java sources during your debugging process, even if you do not have them all.

JD-Core is a library that reconstructs Java source code from one or more “.class” files. JD-Core may be used to recover lost source code and explore the source of Java runtime libraries. New features of Java 5, such as annotations, generics or type “enum”, are supported. JD-GUI and JD-Eclipse include JD-Core library.

JD-Core, JD-GUI & JD-Eclipse are open source projects released under the GPLv3 License.
analysis code engineering java linux reverse source tools windows
Strings - Windows Sysinternals | Microsoft Docs https://docs.microsoft.com/fr-fr/sysinternals/downloads/strings
Thu 08 Aug 2019 02:04:54 PM CEST
Working on NT and Win2K means that executables and object files will many times have embedded UNICODE strings that you cannot easily see with a standard ASCII strings or grep programs. So we decided to roll our own. Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters. Note that it works under Windows 95 as well.

analysis free online tools useful windows
Ransomware Overview https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml
Tue 21 Aug 2018 04:39:26 PM CEST
Ransomware Overview
analysis malware OSINT security
glogg — glogg - the fast, smart log explorer http://glogg.bonnefon.org/index.html
Mon 02 Jul 2018 11:50:45 AM CEST
glogg is a multi-platform GUI application to browse and search through long or complex log files. It is designed with programmers and system administrators in mind. glogg can be seen as a graphical, interactive combination of grep and less.
analysis free linux logs security tools windows
RE for Beginners | Reverse Engineering https://www.begin.re/
Mon 02 Jul 2018 10:37:17 AM CEST
Hey there!
If you have been searching for a place to get started with
Reverse Engineering and get your hands dirty - you are in the right place :)
analysis engineering knowledge malware online reverse security tech
Automated Malware Analysis - Joe Sandbox Cloud Basic https://www.joesandbox.com/
Fri 22 Jun 2018 10:59:06 AM CEST
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux, and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports. This website gives you access to the Community Edition of Joe Sandbox Cloud. It allows you to run a maximum of 30 analyses / month, 3 analyses / day on Windows, Linux and Android with limited analysis output.
analysis malware online security tools
Welcome to Robtex! https://www.robtex.com/
Fri 15 Jun 2018 04:41:37 PM CEST
Robtex uses various sources to gather public information about IP numbers, domain names, host names, Autonomous systems, routes etc. It then indexes the data in a big database and provides free access to the data.

We aim to make the fastest and most comprehensive free DNS lookup tool on the Internet.

Our database now contains billions of documents of internet data collected over more than a decade.
analysis data internet ioc malware online repository security tools website
Introduction à l'analyse des malwares - OVH Meetup - YouTube https://www.youtube.com/watch?v=hUdSp-kz_xI
Fri 23 Mar 2018 03:31:22 PM CET
This meetup aims to show you, live, how to capture and analyze your first malware samples, from setting up a honeypot to identifying the control server.
analysis knowledge malware online security video
Microsoft Remote Connectivity Analyzer https://testconnectivity.microsoft.com/
Wed 14 Feb 2018 11:15:13 AM CET
Support and Recovery Assistant is a new tool that helps users troubleshoot and fix issues with various Office 365 apps and services. The app diagnoses common Outlook issues like account setup, connectivity issues, password issues, or Outlook stops responding or crashes. To identify the root cause of these issues, the app runs checks such as:

    Checks licenses
    Verifying users’ credentials and that Office 365 servers are reachable
    Checks for updates to Outlook clients
    Checks authentication
    Network checks
    Protocol checks

Depending on the test results, the tool can offer to automatically fix problems for users or provide instruction on recommended solutions. All the diagnostics results are saved in a log file for users to share with their Office 365 admin or support engineers for further investigation.
analysis debug tools
VirusShare.com https://virusshare.com/
Wed 05 Jul 2017 10:19:06 AM CEST
VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code.
analysis data knowledge malware OSINT research security share
Sucuri SiteCheck - Free Website Malware Scanner https://sitecheck.sucuri.net/
Fri 30 Jun 2017 04:24:00 PM CEST
Free Website Malware and Security Scanner:
Enter a URL (ex. sucuri.net) and the Sucuri SiteCheck scanner will check the website for known malware, blacklisting status, website errors, and out-of-date software.
analysis malware online security tools useful website
Free Automated Malware Analysis - File Analyzer http://file-analyzer.net/
Fri 30 Jun 2017 04:14:12 PM CEST
File Analyzer detects and analyses potential malicious executables such as:

    .exe (Executables, GUI, CUI, and all variants like PIF, SCR, CPL etc)
    .dll (Dynamic Link Libraries)
    .vbs (Script files like JS, JSE, VBS, VBE, PS1, PS2, CHM etc)
    .any (Available in Pro Version)

File Analyzer is based on Joe Sandbox Desktop which performs deep malware analysis. Compared to others Joe Sandbox performs static, dynamic, graph and hybrid analysis to get the most in-depth analysis possible. The captured behavior is rated and classified by one of the biggest behavior signature sets.

What about evasive malware? Joe Sandbox Desktop is the only solution which uses novel graph based algorithms to detect and spot evasive behavior. Check out the behavior and execution graphs in the reports. To leave malware no choice for VM detection Joe Sandbox Desktop enables to analyze on bare-metal machines (e.g. on a Laptop or PC from your environment).
analysis malware online security tools useful