Anggi's Notes

Blue Team Opensource Online Tools

Source: https://gitlab.com/syntax-ir/playbooks

Last updated 1 year ago

Free Tools

In this section you will find links to free tools, sometimes with a short description of what the tool does and how to use it.

Domain and IP Threat Intel

Talos Intelligence
https://talosintelligence.com/

Search by IP, domain, or network owner for real-time threat data.

URLVoid
https://www.urlvoid.com/

Website Reputation Checker. This service helps you detect potentially malicious websites and check the online reputation/safety of a website.

IPVoid

ThreatCrowd
https://www.threatcrowd.org/

Search by domain, IP, email or organization. ThreatCrowd is now powered by AlienVault®.

Domain Dossier
https://centralops.net/co/DomainDossier.aspx

The Domain Dossier tool generates reports from public records about domain names and IP addresses to help solve problems, investigate cybercrime, or just better understand how things are set up. These reports may show you:

  • Owner’s contact information
  • Registrar and registry information
  • The company that is hosting a Web site
  • Where an IP address is geographically located
  • What type of server is at the address
  • The upstream networks of a site
  • and much more

PCAP Analyzer

APackets
https://apackets.com/

Analyze PCAP files to gain insights into HTTP headers, request and response data. Effortlessly extract transferred files, office documents, and images. Find passwords for various protocols.

Dynamite Lab
https://lab.dynamite.ai/pcaps

Files & Hash Threat Intel and Sandbox

Virus Total
https://www.virustotal.com/gui/

Analyze suspicious files and URLs to detect types of malware, and automatically share them with the security community.

URL Scan
https://urlscan.io/

A sandbox for the web. This site will give you an image of the site. Very useful to investigate phishing without visiting the site from your machine.

Hybrid Analysis
https://www.hybrid-analysis.com/

A free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology. Powered by CrowdStrike Falcon® Sandbox.

Any.run
https://app.any.run/

Note: You need to create an account. Innovative cloud-based sandbox with full interactive access.

Malwr
https://malwr.com/

An online version of Cuckoo Sandbox (currently offline).

Joe Sandbox
https://www.joesandbox.com/

Joe Sandbox detects and analyzes potentially malicious files and URLs on Windows, Android, Mac OS, Linux, and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports. This website gives you access to the Community Edition of Joe Sandbox Cloud. It allows you to run a maximum of 15 analyses / month, 5 analyses / day on Windows, Linux and Android with limited analysis output.

Analyzing Malicious Documents Cheat Sheet
https://zeltser.com/analyzing-malicious-documents/

This cheat sheet outlines tips and tools for analyzing malicious documents, such as Microsoft Office, RTF and Adobe Acrobat (PDF) files. To print it, use the one-page PDF version; you can also edit the Word version to customize it for your own needs.

Malwoverview
https://github.com/alexandreborges/malwoverview

Malwoverview.py is a simple tool to perform an initial and quick triage of malware samples, URLs and hashes. Additionally, Malwoverview is able to show some threat intelligence information.

Encode / Decode

Cyberchef
https://gchq.github.io/CyberChef/
https://github.com/gchq/CyberChef

The Cyber Swiss Army Knife

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.

The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.

Uncoder
https://uncoder.io/

Uncoder.IO is the online translator for SIEM saved searches, filters, queries, API requests, correlation and Sigma rules, built to help SOC analysts, threat hunters and SIEM engineers. Serving as one common language for cyber security, it lets blue teams break the limits of depending on a single tool for hunting and detecting threats and avoid technology lock-in. With an easy, fast and private UI you can translate queries from one tool to another in a matter of seconds, without needing access to the SIEM environment.

One Click Forensics Lab
https://0xbanana.com/blog/one-click-forensics-lab-in-the-cloud/

Deploy a DFIR forensics lab with one script on Google Cloud Platform!