On-line resources

On-line tools supporting threat analysis.

Reverse engineering code

Indicators of Compromise

  • Check IoC scans a log file and reports whether the associated network is infected with malware or a DNS changer.

  • The Exploit Database has two repositories on GitHub. The main exploit database repository is updated daily and contains exploit & shellcode entries sorted by platform, and the exploit database bin-sploits repository holds binary exploits and proofs of concept.

  • Hybrid Analysis is a malware analysis tool.

  • The Malware Hash Registry (MHR) gives a static and dynamic analysis of malware samples.

  • PhishEye surfaces existing and new domains that spoof legitimate names.

  • VirusTotal analyses suspicious files and URLs to detect types of malware, and automatically shares them with the security community.

  • Zulu URL Risk Analyzer inspects suspicious URLs.

Anti-Phishing

  • OpenPhish uses proprietary Artificial Intelligence algorithms to automatically identify zero-day phishing sites and provide comprehensive, actionable, real-time threat intelligence.

  • Phish Archive tracks various domains that are known to be a part of phishing attacks.