From 26ee545d7c1d439c9386a37af9e0ddd11c1b7cf4 Mon Sep 17 00:00:00 2001 From: Andrew Garcia Date: Fri, 28 Oct 2016 16:33:03 -0600 Subject: [PATCH] Update README.md Edited the GitHub(Awesome Malware Analysis) and added the following Virus Total(antivirus and other malware identification tools) Process Explorer Under books, we recommended Real Digital Forensics PSTools placed this under Tools Netcat (Tools) --- README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d17e25e..31317c2 100644 --- a/README.md +++ b/README.md 
@@ -122,8 +122,15 @@ A curated list of awesome malware analysis tools and resources. Inspired by from various lists. Curated by the [CSIRT Gadgets Foundation](http://csirtgadgets.org/collective-intelligence-framework). * [MISP](https://github.com/MISP/MISP) - Malware Information Sharing Platform curated by [The MISP Project](http://www.misp-project.org/). +* [Netcat](https://joncraton.org/blog/46/netcat-for-windows/) - Netcat is a simple networking utility which reads and writes data across + network connections using the TCP/IP protocol. It's a wonderful tool for debugging all kinds of network problems. It allows you to + read and write data over a network socket just as simply as you can read data from stdin or write to stdout. * [PassiveTotal](https://www.passivetotal.org/) - Research, connect, tag and share IPs and domains. +* [Process Explorer](https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx) - Windows software that has unique + capabilities of tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work. +* [PSTools](https://technet.microsoft.com/en-us/sysinternals/pstools.aspx) - Windows Toolbox that has command-line tools that help + administer windows systems. * [PyIOCe](https://github.com/pidydx/PyIOCe) - A Python OpenIOC editor. * [threataggregator](https://github.com/jpsenior/threataggregator) - Aggregates security threats from a number of sources, including some of 
@@ -214,6 +221,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by * [totalhash.py](https://gist.github.com/gleblanc1783/3c8e6b379fa9d646d401b96ab5c7877f) - Python script for easy searching of the [TotalHash.cymru.com](https://totalhash.cymru.com/) database. * [TrID](http://mark0.net/soft-trid-e.html) - File identifier. +* [VirusTotal](http://virustotal.com) - Virus total aggregates many antivirus products and online scan engines to check for viruses that + the user's own antivirus may have missed, or to verify against any false positives. * [YARA](https://plusvic.github.io/yara/) - Pattern matching tool for analysts. * [Yara rules generator](https://github.com/Neo23x0/yarGen) - Generate @@ -427,7 +436,7 @@ the [browser malware](#browser-malware) section.* framework developed at UCSB's Seclab. * [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts information from bots and other malware. -* [BAP](https://github.com/BinaryAnalysisPlatform/bap) - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. +* [BAP](https://github.com/BinaryAnalysisPlatform/bap) - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. * [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open source Binary Analysis and Reverse engineering Framework. * [binnavi](https://github.com/google/binnavi) - Binary analysis IDE for 
@@ -614,6 +623,7 @@ the [browser malware](#browser-malware) section.* Tools and Techniques for Fighting Malicious Code. * [Practical Malware Analysis](https://amzn.com/dp/1593272901) - The Hands-On Guide to Dissecting Malicious Software. +* [Real Digital Forensics](https://www.amzn.com/dp/0321240693) - Computer Security and Incident Response * [The Art of Memory Forensics](https://amzn.com/dp/1118825098) - Detecting Malware and Threats in Windows, Linux, and Mac Memory. * [The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
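Review bot: In the first hunk (@@ -122,8 +122,15 @@) the three new entries are inserted into the threat-intelligence block alongside MISP, PassiveTotal, PyIOCe and threataggregator, but none of them is a threat-intelligence resource: Netcat is a network utility, and Process Explorer and PSTools are Sysinternals administration tools, so they belong in the sections of the list that cover network and Windows system tooling. The Netcat link also points at a third-party blog post about a Windows build rather than a project page, and its three-line description ("It's a wonderful tool for debugging all kinds of network problems...") is much longer and more promotional than the single-sentence style of the surrounding entries; trim it to one line, e.g. `* [Netcat](...) - Networking utility that reads and writes data across TCP/UDP connections.`, and capitalise "windows" in the PSTools entry ("administer Windows systems").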
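Review bot: In the second hunk (@@ -214,6 +221,8 @@) the new VirusTotal entry spells the name "Virus total" in the description while the link text says "VirusTotal"; use the product's own spelling consistently. The URL `http://virustotal.com` should be the canonical `https://www.virustotal.com/`, matching the https links used by the neighbouring entries.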
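Review bot: In the third hunk (@@ -427,7 +436,7 @@) the BAP line is removed and re-added with text that reads identically, so this is a whitespace-only change (most likely trailing whitespace) unrelated to the additions the commit message describes. Either drop it from this patch or mention it in the commit message so reviewers are not left guessing what changed.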
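Review bot: In the fourth hunk (@@ -614,6 +623,7 @@) the Real Digital Forensics entry is missing the trailing period that the adjacent book entries end with ("...Dissecting Malicious Software.", "...Linux, and Mac Memory."), and its link uses `https://www.amzn.com/dp/...` whereas every neighbouring entry uses `https://amzn.com/dp/...`; align both with the existing convention.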