At the beginning of 2020, we discovered the Red Unlock technique that allows extracting Intel Atom Microcode. We were able to research the internal structure of the microcode and then x86 instruction implementation. Also, we recovered a format of microcode updates, algorithm and the encryption key used to protect the microcode.
These are the tools they used to take it apart.
Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors to prevent them from accessing your systems. Its user-friendly design and assistance offers a low technical barrier of entry and nevertheless a high security gain. Scans logs for signs of activity. Matches signs to local and crowdsourced attack signs. If a response agent is integrated with the service, it will react to the attack. Signs are also contributed back to the project to aid the community. Interactive setup and configuration. Designed not to need fine tuning to be effective.
teler is a real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. Requires minimal configuration. Run your web server logs through it and see what it comes up with.
A directory of free APIs for use in software and web development.
Free and open threat intel feeds. Reputation, malware identification, blacklists, known bad IP ranges, blocklists, and more.
GreyNoise is a system that collects and analyzes data on Internet-wide scanners. GreyNoise collects data on benign scanners such as Shodan.io, as well as malicious actors like SSH and telnet worms.
The data is collected by a network of sensors deployed around the Internet in various datacenters, cloud providers, and regions.
A web portal linking to dozens of sources of freely available OSINT for anyone to make use of. Put the pieces together yourself, if you've a mind to.
An online reference for Intel 32-bit assembly language opcodes and mnemonics.
An online reference for Intel 64-bit assembly language opcodes and mnemonics.