ENISA training resources for cybersecurity incident response

A really useful free training course. ENISA (European Union Agency for Network and Information Security) is a centre of expertise for cyber security in Europe, whose main mission is to contribute to securing Europe’s information society by raising “awareness of network and information security and to develop and promote a culture of network and information security in…

Online PCAP analysis with PacketTotal

Why use Wireshark? PacketTotal is an online engine for analyzing .pcap files and visualizing the network traffic within them, useful for malware analysis and incident response. PacketTotal leverages features of Bro IDS and Suricata to flag malicious or suspicious traffic, display detailed protocol information, and extract artifacts found inside the packet capture. What does PacketTotal offer that a traditional packet-capture…

Malware analysis, my own list of tools and resources

A constantly updated list — Last update: February 15, 2017. During my daily analysis and research activities, I often discover new useful tools. I collected them in this list (periodically updated). Enjoy! Detection AnalyzePE — Wrapper for a variety of tools for reporting on Windows PE files. chkrootkit — Linux rootkit detector. Rootkit Hunter — Detects Linux rootkits. Detect-It-Easy — A program for determining…