diff --git a/README.md b/README.md index d17e25e..31317c2 100644 --- a/README.md +++ b/README.md @@ -122,8 +122,15 @@ A curated list of awesome malware analysis tools and resources. Inspired by from various lists. Curated by the [CSIRT Gadgets Foundation](http://csirtgadgets.org/collective-intelligence-framework). * [MISP](https://github.com/MISP/MISP) - Malware Information Sharing Platform curated by [The MISP Project](http://www.misp-project.org/). +* [Netcat](https://joncraton.org/blog/46/netcat-for-windows/) - Netcat is a simple networking utility which reads and writes data across + network connections using the TCP/IP protocol. It's a wonderful tool for debugging all kinds of network problems. It allows you to + read and write data over a network socket just as simply as you can read data from stdin or write to stdout. * [PassiveTotal](https://www.passivetotal.org/) - Research, connect, tag and share IPs and domains. +* [Process Explorer](https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx) - Windows software that has unique + capabilities of tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work. +* [PSTools](https://technet.microsoft.com/en-us/sysinternals/pstools.aspx) - Windows Toolbox that has command-line tools that help + administer windows systems. * [PyIOCe](https://github.com/pidydx/PyIOCe) - A Python OpenIOC editor. * [threataggregator](https://github.com/jpsenior/threataggregator) - Aggregates security threats from a number of sources, including some of 
@@ -214,6 +221,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by * [totalhash.py](https://gist.github.com/gleblanc1783/3c8e6b379fa9d646d401b96ab5c7877f) - Python script for easy searching of the [TotalHash.cymru.com](https://totalhash.cymru.com/) database. * [TrID](http://mark0.net/soft-trid-e.html) - File identifier. +* [VirusTotal](http://virustotal.com) - Virus total aggregates many antivirus products and online scan engines to check for viruses that + the user's own antivirus may have missed, or to verify against any false positives. * [YARA](https://plusvic.github.io/yara/) - Pattern matching tool for analysts. * [Yara rules generator](https://github.com/Neo23x0/yarGen) - Generate @@ -427,7 +436,7 @@ the [browser malware](#browser-malware) section.* framework developed at UCSB's Seclab. * [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts information from bots and other malware. -* [BAP](https://github.com/BinaryAnalysisPlatform/bap) - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. +* [BAP](https://github.com/BinaryAnalysisPlatform/bap) - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. * [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open source Binary Analysis and Reverse engineering Framework. * [binnavi](https://github.com/google/binnavi) - Binary analysis IDE for 
@@ -614,6 +623,7 @@ the [browser malware](#browser-malware) section.* Tools and Techniques for Fighting Malicious Code. * [Practical Malware Analysis](https://amzn.com/dp/1593272901) - The Hands-On Guide to Dissecting Malicious Software. +* [Real Digital Forensics](https://www.amzn.com/dp/0321240693) - Computer Security and Incident Response * [The Art of Memory Forensics](https://amzn.com/dp/1118825098) - Detecting Malware and Threats in Windows, Linux, and Mac Memory. * [The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
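Review bot: The three entries added in the first hunk (Netcat, Process Explorer, PSTools) are inserted between MISP, PassiveTotal and PyIOCe, which are threat-intelligence sharing and IOC tooling, while the additions are a generic networking utility and Windows administration tools; they look misplaced in this section and belong with the system-monitoring or debugging tools elsewhere in the list. Within the entries themselves: the Netcat link points to a third-party blog post about a Windows port rather than to the project, and its three-line description is much longer than the one-line style of the surrounding entries (the stdin/stdout sentences can go); in the Process Explorer entry "provide insight" should read "provides insight"; in the PSTools entry "windows systems" should be "Windows systems".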
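Review bot: In the second hunk the VirusTotal entry spells the product name "Virus total" in the description (it should be "VirusTotal"), and its URL is plain `http://virustotal.com` while every other link in the list uses https; `https://www.virustotal.com/` is the canonical address. The entry also sits among offline file-identification and pattern-matching tools (TrID, YARA) even though VirusTotal is an online scanning service, so check whether the list's online-scanner section is the better home. The two-line description could be tightened to one line, for example "Aggregates many antivirus products and online scan engines to catch detections a single engine misses and to cross-check false positives."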
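Review bot: The third hunk removes and re-adds the BAP line with text that is identical as rendered, so this appears to be a whitespace-only change (trailing space or line-ending normalisation). Either drop it from the patch or say in the commit message that it is a whitespace fix, so reviewers do not hunt for a content difference.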
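Review bot: The new Real Digital Forensics entry in the last hunk uses `https://www.amzn.com/dp/0321240693` while the neighbouring book entries use the bare `https://amzn.com/dp/...` form; match that style. The description also lacks the trailing period that the surrounding entries ("...Dissecting Malicious Software.", "...Mac Memory.") carry.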