LookingGlass delivers the most comprehensive threat intelligence-driven solutions in the market enabling security teams to efficiently and effectively address threats throughout the cyber threat lifecycle.

With a scalable solutions portfolio of threat data feeds, a threat intelligence management platform, threat mitigation solutions, and threat intelligence services, LookingGlass enables security teams to prevent, detect, understand, and respond to analyzed, prioritized, relevant threats.Additionally, with a deep knowledge of the global Internet topology and near real time activity, LookingGlass helps organizations understand threats inside and outside their perimeter - including threats that may be impacting third party trusted partners, other organizations in their industry, and the latest threat trends impacting the global Internet at large.

Malpedia is a free service offered by Fraunhofer FKIE.
Administration is lead by Daniel Plohmann and Steffen Enders.

Mission Statement
The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.
Please respect the Terms of Service.

Also, please be aware that not all content on Malpedia is publicly available.
More specifically, you will need an account to access all data (malware samples, non-public YARA rules, ...).
In this regard, Malpedia is operated as an invite-only trust group.

urlscan.io is a service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated process will browse to the URL like a regular user and record the activity that this page navigation creates. This includes the domains and IPs contacted, the resources (JavaScript, CSS, etc) requested from those domains, as well as additional information about the page itself. urlscan.io will take a screenshot of the page, record the DOM content, JavaScript global variables, cookies created by the page, and a myriad of other observations.

Finally, urlscan.io will try to make a verdict whether the scanned website is considered malicious or suspicious. If the site is targeting the users one of the almost 400 brands tracked by urlscan.io, this will be shown in the scan results.

Interactive online malware analysis service for dynamic and static research of most types of threats using any environments. Replaces a set of tools for research.

Ransomware Overview

Hey there!
If you have been searching for a place to get started with
Reverse Engineering and get your hands dirty - you are in the right place :)

Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux, and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports. This website gives you access to the Community Edition of Joe Sandbox Cloud. It allows you to run a maximum of 30 analyses / month, 3 analyses / day on Windows, Linux and Android with limited analysis output.

Robtex uses various sources to gather public information about IP numbers, domain names, host names, Autonomous systems, routes etc. It then indexes the data in a big database and provide free access to the data.

We aim to make the fastest and most comprehensive free DNS lookup tool on the Internet.

Our database now contains billions of documents of internet data collected over more than a decade.

A Search Engine for Threats

Ce meetup a pour objectif de vous montrer en direct comment capturer et analyser vos premiers malwares, de la mise en place d'un pot de miel (honeypot) jusqu'à l'identification du serveur de contrôle.

Threat Hunting: Beyond Alerts & IOCs

Operational and technical headquarters was set up to locate large-scale cyber threats by the National Police of Ukraine and the Security Service of Ukraine. It includes representatives of the most famous Ukrainian and foreign cyber security companies. According to these facts, the pre-trial investigation was initiated by the National Police of Ukraine.

Comment: Yaroslav Trakalo, spokesman for the National Police of Ukraine

Коментар: Ярослав Тракало, речник Національної поліції України

VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code.

VirusTotal Intelligence allows you to search through our dataset in order to identify files that match certain criteria (antivirus detections, binary content, metadata, submission file names, file format structural properties, file size, etc.). We could say that it is pretty much like the "Google" of malware.
In order to ease the use of the application we have classified the search queries and modifiers into the following categories, you can combine any number of them in the same query, moreover, you can use AND, OR and NOT operators to tweak your searches.

Free Website Malware and Security Scanner:
Enter a URL (ex. sucuri.net) and the Sucuri SiteCheck scanner will check the website for known malware, blacklisting status, website errors, and out-of-date software.

File Analyzer detects and analyses potential malicious executables such as:

.exe (Executables, GUI, CUI, and all variants like PIF, SCR, CPL etc)
.dll (Dynamic Link Libraries)
.vbs (Script files like JS, JSE, VBS, VBE, PS1, PS2, CHM etc)
.any (Available in Pro Version)

File Analyzer is based on Joe Sandbox Desktop which performs deep malware analysis. Compared to others Joe Sandbox performs static, dynamic, graph and hybrid analysis to get the most in-depth analysis possible. The captured behavior is rated and classified by one of the biggest behavior signature sets.

What about evasive malware? Joe Sandbox Desktop is the only solution which uses novel graph based algorithms to detect and spot evasive behavior. Checkout the behavior and execution graphs in the reports. To leave malware no choice for VM detection Joe Sandbox Desktop enables to analyze on bare-metal machines (e.g. on a Laptop or PC from your environment).

Malware Analysis Reports: Latest behavior analysis reports generated by Joe Sandbox
Check out our latest Analysis Reports of Evasive Malware

Windows
Android
Mac
iOS

The OpenC2 Forum defines a language at a level of abstraction that will enable unambiguous command and control of cyber defense technologies. OpenC2 is broad enough to provide flexibility in the implementations of devices and accommodate future products and will have the precision necessary to achieve the desired effect.

This webpage is a free malware analysis service powered by Payload Security that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
This free malware analysis service is running VxStream Sandbox v6.70 in the backend. Supporting PE, Office, PDF, APK files and more (e.g. EML). Maximum upload size is 100 MB.

Learn about the latest online threats.
Share and collaborate in developing threat intelligence.
Protect yourself and the community against today’s latest threats.

At the heart of Open Threat Exchange is the pulse, an investigation of an online threat. Pulses describe any type of online threat including malware, fraud campaigns, and even state sponsored hacking.

Pulses are comprised of indicators of compromise (or IoCs), which describe the infrastructure of that threat – including IPs, file hashes, e-mail addresses affiliated with the threat, etc.