Search: [malware] - Bookmarks

KasperskyLab/TinyCheck https://github.com/KasperskyLab/TinyCheck

Thu 03 Dec 2020 05:06:10 PM PST

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

Penetration Testing | The Metasploit Project http://www.metasploit.com/

Tue 20 Mar 2018 03:08:28 AM PDT

A framework used by penetration testers for building custom exploits for infiltrating systems. Written in Ruby. Comes with a large library of payloads and other nifty and fascinating tools. It's worth learning to use if you're serious about penetration testing or exploit development. Also, the cutting edge of attack technologies winds up coming out of the Metasploit project.

Reverse-Engineering Malware Cheat Sheet by Lenny Zeltser http://zeltser.com/reverse-malware/reverse-malware-cheat-sheet.html

Tue 20 Mar 2018 02:11:48 AM PDT

A cheat-sheet for reverse engineering malware, by Lenny Zeltser.

Getting the EXE out of the RTF http://isc.sans.edu/diary.html?storyid=6703

Tue 20 Mar 2018 01:52:53 AM PDT

An excellent article from the Internet Storm Center about carving executables out of other sorts of files (like .rtf documents) for the purposes of identification and reverse engineering.

Cuckoo Sandbox http://www.cuckoobox.org/

Tue 20 Mar 2018 12:56:57 AM PDT

Cuckoo is an isolated virtual machine that assists and partially automates the analysis and reverse engineering of malware. It can be used to analyze malware and its components for Windows, suspicious document files, and obfuscated or otherwise dodgy scripts. It can be used to trace API calls and capture network taffic for analysis. It is also designed for extensibility, so you can implement your own analysis and reverse engineering processes to add to the virtual machine. Has a Github repository.

github virtual-machine open-source reverse-engineering virtualbox tools sandbox analysis malware

Hack-with-Github/Awesome-Hacking: A collection of various awesome lists for hackers, pentesters and security researchers https://github.com/Hack-with-Github/Awesome-Hacking

Mon 19 Mar 2018 10:31:29 PM PDT

Awesome list of curated hacking infosec pentesting resources.

[lcamtuf.coredump.cx] http://lcamtuf.coredump.cx/

Mon 19 Mar 2018 07:59:07 PM PDT

Automated Malware Analysis | Cuckoo Sandbox http://www.cuckoosandbox.org/

Mon 19 Mar 2018 05:47:20 PM PDT

Cuckoo is a system emulator written in Python for analyzing malware. It automates much of the process of reverse engineering malware samples, such as tracing execution, snapshotting memorry, tracing API and function calls, and dumping network traffic. Generates reports at the end of execution. Modular design, so it's easily customizable.

Links per page

Filters