govolution

Some Great Links for Malware Research

Last week I attended this year's Brucon, where I had the chance to participate in the Malware Triage workshop by https://twitter.com/herrcore and https://twitter.com/seanmw. The workshop is awesome (look here to get the idea: http://herrcore.blogspot.de/2014/09/crowdsourced-malware-triage.html), and if you have the chance to take it, go for it! The links here are from their slides, and I post them with their agreement (thank you):

https://www.virustotal.com/
https://sitereview.bluecoat.com/sitereview.jsp
https://passivetotal.org/
http://whois.domaintools.com/
http://threatcrowd.org/
http://useragentstring.com/
http://onlinecurl.com/
https://www.hurl.it/
http://urlquery.net/
http://jsbeautifier.org/
http://math.chapman.edu/~jipsen/js/
https://www.base64decode.org/
https://www.trailofbits.com/resources/exploit_intelligence_project_2_slides.pdf
https://www.onlinedisassembler.com/odaweb/
http://www.showmycode.com/
http://ideone.com/
http://www.tutorialspoint.com/codingground.htm
https://github.com/rapid7/metasploit-framework
https://malwr.com/
http://plusvic.github.io/yara/
http://openioc.org/
https://totalhash.cymru.com/
http://yara-generator.net/
https://github.com/Xen0ph0n/yaragenerator
https://www.iocbucket.com/
https://www.reverse.it/
Update – Slides: http://openanalysis.net/training/Crowdsourced_Malware_Triage_-_Workshop.pdf