Helpful Links
Cybersecurity Resources
We are grateful to the cybersecurity community members who create and/or curate content and IOCs to share with others, and to the organizations that host threat exchange platforms to facilitate free access to community-sourced data. Malware Patrol publishes a variety of indicators daily on AlienVault OTX.
Our team compiled a list of resources that they have used or bookmarked during the course of their work. They are organized by category and shared below. Due to the vast amount of information to which these links lead, Malware Patrol cannot ensure the accuracy of their content.
DDoS
Malware
Awesome Malware Analysis (rshipp)
Banking Trojans: A Reference Guide to the Malware Family Tree (F5 Labs)
BinDiff and BinNavi Reverse Engineering Software (Zynamics)
Evasion Techniques Encyclopedia (CheckPoint)
Explained: Packer, Crypter, and Protector (Malwarebytes)
Free Malware Sample Sources for Researchers (Lenny Zeltser)
Malware Information Sharing Platform (MISP)
Malware Naming (Microsoft)
Malware Reports (SecureList)
Trickbot – An analysis of data collected from the botnet (GovCERT.ch)
What are exploits? (And why you should care) (Malwarebytes)
Why Domain Generating Algorithms (DGAs)? (TrendMicro)
Ransomware
Before You Pay that Ransomware Demand (Brian Krebs)
Free Ransomware Decryption Tools – AVAST
Free Ransomware Decryption Tools – BITDEFENDER
Free Ransomware Decryption Tools – CRYPTOSTOPPERS
Free Ransomware Decryption Tools – EMSISOFT
Free Ransomware Decryption Tools – HEIMDAL SECURITY
Free Ransomware Decryption Tools – KASPERSKY
A History of Ransomware Attacks (DigitalGuardian)
Ransomware Detection and Decryption Tools (VinRansomware)
Ransomware Listing (NJCCIC)
DNS
A Cartoon Intro to DNS Over HTTPS
DNS Privacy Frequently Asked Questions (FAQ) (InternetSociety.org)
DNS Response Policy Zone (RPZ) (Barry Greene/Vernon Schryver)
DNS Security (Part 1): Issues in DNS Security (TechGenix)
DNS Tools – Ping, Traceroute, DNS Lookup (DomainTools)
Phishing
6 Common Phishing Attacks (TripWire)
FTC Guidance for Handling Phishing Scams (National Law Review)
A Technical Demonstration of an Email Phishing Attack (Bsides Philly)
Typosquatting: Awareness and Hunting (SANS)
What is Phishing? (Phishing.org)
Research & Tools
10 Free or Low-Cost Security Tools (Dark Reading)
51 Tools for Security Analysts (WordFence)
ATT&CK for Industrial Control Systems (MITRE)
The Book of Secret Knowledge (@trimstray, Github)
Community Tools (Crowdstrike)
CSIRT Services Framework (FIRST)
Database Security Tools (Infosec Institute)
Free & Open Source Computer Forensics Tools (Infosec Institute)
Jackdaw – Tool to Collect All Information in Your Domain (Hakin9)
Online Security Classes (Open Security Training)
OSINT IntelTechniques (Michael Bazzell)
OWASP (OWASP)
Pentest Tools (Carrie Roberts/Tripwire)
SANS Investigative Forensic Toolkit (SIFT)
Security APIs (Alexander Jäger)