Cybersecurity Tools

Related + Sources
Acronyms
  • CTI → Cyber Threat Intelligence
  • PWA → Progressive Web App

Resource Lists

Other lists containing useful tools, resources, and more for cyber disciplines

cybersources.site

General Tools

Sites & PWAs

CyberChef


OSINT & Threat Intelligence

Websites & PWAs

urlscan.io

abuse.ch

Hosts several platforms useful for gathering threat intelligence.

  • MalwareBazaar → Browse and share malware samples
  • FeodoTracker → "...a project of abuse.ch with the goal of sharing botnet C&C servers associated with Dridex, Emotet (aka Heodo), TrickBot, QakBot (aka QuakBot / Qbot) and BazarLoader (aka BazarBackdoor)..."
  • SSL Blacklist → "...a project of abuse.ch with the goal of detecting malicious SSL connections, by identifying and blacklisting SSL certificates used by botnet C&C servers. In addition, SSLBL identifies JA3 fingerprints that helps you to detect & block malware botnet C&C communication on the TCP layer..."
  • URLhaus → Browse and share malicious URLs used for malware distribution
  • Threatfox → IOC Database

PhishTool

Cisco Talos Intelligence

Robtex

"Robtex is used for various kinds of research of IP numbers, Domain names, etc"

VirusTotal

Hybrid-Analysis

"This is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology."

Software

JA3 / JA4+

  • JA3 → "A JA3 hash represents the fingerprint of an SSL/TLS client application as detected via a network sensor or device, such as Bro or Suricata. This allows for simple and effective detection of client applications..."
    • "JA3 was invented at Salesforce in 2017. However, the project is no longer being actively maintained by Salesforce. Its original creator, John Althouse, maintains the latest in TLS client fingerprinting technology at FoxIO-LLC..."
  • JA4+ → "A suite of network fingerprinting methods by FoxIO that are easy to use and easy to share..." The suc
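As an added example (not code from this page, Salesforce or FoxIO), here is how the JA3 fingerprint that the SSL Blacklist entry and the JA3 description above refer to is derived from a ClientHello: the ClientHello version, cipher suites, extension types, supported groups and EC point formats are each written as decimal values joined by "-", the five fields are joined by ",", GREASE values are dropped, and the MD5 of that string is the JA3 hash. The ClientHello bytes are constructed inline by `build_client_hello`, a helper written for this example and not a real client's hello; `ja3_from_client_hello` is likewise this example's own name.

```python
import hashlib
import struct

# GREASE values (RFC 8701): 0x0a0a, 0x1a1a, ..., 0xfafa. JA3 ignores them
# because clients insert them at random positions.
GREASE = {0x0A0A + 0x1010 * i for i in range(16)}


def build_client_hello(version, ciphers, extensions):
    """Assemble a minimal TLS record carrying a ClientHello (constructed sample).

    extensions: list of (type, raw extension data) in wire order.
    """
    body = struct.pack("!H", version) + bytes(32)          # version + zeroed random
    body += b"\x00"                                          # empty session id
    body += struct.pack("!H", 2 * len(ciphers))
    body += b"".join(struct.pack("!H", c) for c in ciphers)
    body += b"\x01\x00"                                      # one compression method: null
    ext = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    body += struct.pack("!H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def ja3_from_client_hello(record):
    """Return (ja3_string, ja3_md5) for a TLS record holding a ClientHello."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]

    # JA3 uses the legacy version field of the ClientHello itself; a TLS 1.3
    # client still puts 0x0303 (771) here and signals 1.3 in supported_versions.
    version = struct.unpack("!H", body[0:2])[0]
    pos = 2 + 32                                             # skip random
    sid_len = body[pos]
    pos += 1 + sid_len
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    ciphers = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    pos += cs_len
    comp_len = body[pos]
    pos += 1 + comp_len

    ext_types, curves, formats = [], [], []
    if pos + 2 <= len(body):                                 # extensions are optional
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            data = body[pos:pos + elen]
            pos += elen
            ext_types.append(etype)
            if etype == 0x000A:                              # supported_groups
                glen = struct.unpack("!H", data[0:2])[0]
                curves = [struct.unpack("!H", data[i:i + 2])[0] for i in range(2, 2 + glen, 2)]
            elif etype == 0x000B:                            # ec_point_formats
                flen = data[0]
                formats = list(data[1:1 + flen])

    def field(values):
        return "-".join(str(v) for v in values if v not in GREASE)

    ja3_str = ",".join([str(version), field(ciphers), field(ext_types), field(curves), field(formats)])
    return ja3_str, hashlib.md5(ja3_str.encode()).hexdigest()


# Constructed sample: a GREASE cipher and a GREASE extension are mixed in so the
# filtering is exercised; the names and values are illustrative only.
SAMPLE_HELLO = build_client_hello(
    0x0303,
    [0x1A1A, 0x1301, 0x1302, 0xC02B, 0xC02F],
    [
        (0x2A2A, b"\x00"),                                   # GREASE extension
        (0x0000, b"\x00\x0c\x00\x00\x09" + b"localhost"),    # server_name
        (0x000A, struct.pack("!H", 8) + struct.pack("!HHHH", 0x3A3A, 0x001D, 0x0017, 0x0018)),
        (0x000B, b"\x01\x00"),                               # ec_point_formats: uncompressed
        (0x0010, b"\x00\x03\x02h2"),                         # ALPN: h2
    ],
)

if __name__ == "__main__":
    s, h = ja3_from_client_hello(SAMPLE_HELLO)
    print(s)
    print(h)
```

The string before hashing is what you compare against a feed such as SSL Blacklist's JA3 list; keep it alongside the MD5, since two different strings can share a prefix of interest while the hash tells you nothing until it matches exactly. Note also that JA3 depends on wire order: a client that shuffles its extension order on every connection (Chrome has done this since version 110) produces a different JA3 each time, which is one reason JA4 sorts the cipher and extension lists instead.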

OpenCTI

Open source, self-hostable platform for managing "[CTI] knowledge and observables..."

MISP


Network Security and Traffic Analysis

Software

Traffic Analysis with Wireshark

Brim

Log file + packet capture analysis (now called Zui): it runs a pcap through Zeek and lets you search the generated logs instead of paging through packets in Wireshark. Great when dealing with A LOT of logs.


Endpoint Security

osquery

Often used in tandem with Fleet (formerly Kolide Fleet) to schedule queries and collect results across hosts.


Steganography

Images

Aperi'Solve (Website)

Audio

  • Spectrogram viewers (images or text are often hidden in the spectrogram)
    • Audacity, etc.