This post will share what are the common resources that I have used at work daily as Malware Analyst and also CyberSOC Analyst.
Sandboxes
- Virustotal (virustotal.com)
Most popular sandbox ever known (i guess), quick, and easy to navigate. It has multiple functions that provide useful information regarding files or URLs. The main page will either ask you to upload/submit a file, enter a URL, or query a hash (unique ID for a file). It will then display the result from multiple security vendors that are available.
2. Any.Run (app.any.run)
3. Malware Bazaar (bazaar.abuse.ch)
4. Joe Sandbox (https://joesandbox.com)
5. Hybrid Falcon Analysis (https://www.hybrid-analysis.com)
URL/IP Checker
- URL Scan (urlscan.io)
- AbuseIPDB (abuseipdb.com)
- Scumware (scumware.com)
- Palo Alto Test Site(https://urlfiltering.paloaltonetworks.com)
- Sucuri (https://sitecheck.sucuri.net)
- Cisco Talos (https://www.talosintelligence.com)
- Phishtank (phishtank.org)
- SSL Checker (https://www.sslchecker.com)
