Malware Analysis Toolkit
Below we share this collection of resources for malware analysis. With it you can:
- Analyze files, URLs and potentially malicious sites used in malware distribution or phishing campaigns.
- Access blacklists and firewall rules to increase your detection capabilities; they can also help you analyze and improve your security strategy.
Malware Databases
- https://github.com/rshipp/awesome-malware-analysis
- http://www.malwaredomainlist.com/mdl.php
- http://www.malwareblacklist.com/showMDL.php
- http://support.clean-mx.de/clean-mx/viruses.php
- http://malc0de.com/database/
- https://zeustracker.abuse.ch/monitor.php?browse=binaries
- https://spyeyetracker.abuse.ch/monitor.php?browse=binaries
- http://amada.abuse.ch/palevotracker.php
- http://www.sacour.cn/showmal.asp?month=8year=2012
- http://malwaredb.malekal.com/ (registration required)
- http://blog.urlvoid.com/new-list-of-dangerous-websites-to-avoid
- http://www.scumware.org
- http://secuboxlabs.fr
- http://www.threatlog.com
- http://minotauranalysis.com/exetweet/
- http://minotauranalysis.com/malwarelist.php
- http://adminus.net
- http://jsunpack.jeek.org/?list=1
- http://blackip.ustc.edu.cn/bytime.html
- http://www.malwareint.com
- http://www.blade-defender.org/eval-lab
- http://www.malwareurl.com/ (free registration required)
- http://www.offensivecomputing.net/ (free registration required)
- http://contagiodump.blogspot.com/ (mobile malware)
- http://virussign.com/downloads.html (registration required)
- http://www.nothink.org/viruswatch.php
- http://dashke.blogspot.com/
- http://malware.lu/ (registration required to download)
- http://www.nictasoft.com/ace/malware-urls/
- http://reviewsantivirus.blogspot.com/
- http://virusshare.com/
- http://labs.sucuri.net/
- http://freelist.virussign.com/freelist/
- https://malware.dontneedcoffee.com/blog/
Online Malware Analysis
- AMAaaS (Android files)
- Any.run (Community Edition)
- Binary Guard True Bare Metal
- Intezer Analyze (Community Edition)
- IRIS-H (focuses on document files)
- CAPE Sandbox
- Comodo Valkyrie
- Detux Sandbox (Linux binaries)
- Joe Sandbox Cloud (Community Edition)
- sandbox.pikker.ee
- SecondWrite (free version)
- SNDBOX
- Hybrid Analysis
- ThreatTrack
- ViCheck
- VirusTotal
- Metadefender OPSWAT
Malicious Website Analysis
- AbuseIPDB
- BrightCloud URL/IP Lookup
- Comodo Web Inspector
- Desenmascara.me
- FortiGuard lookup
- Google Safe Browsing
- hashdd
- IBM X-Force Exchange
- Joe Sandbox URL Analyzer
- Is It Hacked
- IsItPhishing
- Kaspersky VirusDesk
- KnownSec
- Norton Safe Web
- Palo Alto Networks URL Filtering
- PhishTank
- Malware Domain List
- MalwareURL
- McAfee TrustedSource
- MxToolbox
- Open Threat Exchange
- PassiveTotal
- Pulsedive
- Quttera ThreatSign
- Reputation Authority
- Scamadviser
- Sucuri SiteCheck
- Talos Reputation Lookup
- Trend Micro Site Safety Center
- Unmask Parasites
- URL Query
- urlscan.io
- URLVoid and IPVoid
- VirusTotal
- vURL
- ThreatMiner
- WebPulse Site Review
- Zscaler Zulu URL Risk Analyzer
IP Blacklists and Malware Records
- Artists Against 419
- ATLAS from Arbor Networks
- Blackweb Project: optimized for Squid
- CLEAN-MX Realtime Database
- CYMRU Bogon List
- DShield Blocklist
- FireHOL IP List
- Google Safe Browsing API
- Malwarebytes Browserguard
- Malware Domain Blocklist x
- Malware Patrol’s Malware Block Lists x
- MalwareURL List
- OpenPhish
- PhishTank Phish Archive
- Project Honey Pot’s Directory of Malicious IPs
- Risk Discovery
- Scumware.org
- Shadowserver IP and URL Reports:
- URLhaus
- VoIP Blacklist
- www.BlockList.de
Sandbox
- Any.run https://app.any.run
- Comodo Valkyrie (https://valkyrie.comodo.com)
- Hybrid Analysis (Falcon Sandbox) (http://www.hybrid-analysis.com/)
- Intezer Analyze https://www.intezer.com
- SecondWrite Malware Deepview https://www.secondwrite.com
- Jevereg (Amnpardaz Sandbox) http://jevereg.amnpardaz.com/
- IObit Cloud http://cloud.iobit.com
- VMRay Analyzer: https://www.vmray.com
Discontinued
- Anubis http://anubis.iseclab.org/ (discontinued)
- BinaryGuard (TBM Cloud Sandbox) http://www.binaryguard.com
- Tried to register, but its website does not work.
- BitBlaze http://bitblaze.cs.berkeley.edu/ (discontinued)
- Comodo Instant Malware Analysis http://camas.comodo.com/ (discontinued)
- Deepviz (https://sandbox.deepviz.com/) (services cannot be subscribed anymore)
- Eureka http://eureka.cyber-ta.org/ (discontinued)
- Malwr (Cuckoo Sandbox) (http://malwr.com/) (down)
- ThreatExpert Automated Threat Analysis (redirects to symantec.com) (http://www.threatexpert.com/)
- Viper https://viper.malwareconfig.com/ (down)
PDF/DOC/JS File Analysis
- Scan Maldoc | Document+PDF Malware Analysis | https://scan.tylabs.com/
- Malware Tracker PDF Examiner (http://www.malwaretracker.com/pdf.php)
Analysis of Malicious Android Files
- SandDroid http://sanddroid.xjtu.edu.cn