Tools

Here’s a list of online tools I use often or have saved for the occasional odd use.

DNS

• DNSlytics - Reverse IP, NS, MX, WHOIS and Search Tools
• Network-Tools - Ping, Traceroute, WHOIS & More
• WebDNSTools - DNS Lookup, Domain Configuration Check, and IP Calculator

Analysis

• Any.Run - Interactive Online Malware Analysis Sandbox
• CyberChef - The Cyber Swiss Army Knife
• Malware-Traffic-Analysis - Malware samples, analysis, PCAP exercises
• VirusTotal - Malware samples, analysis
• ThreatMiner - Data Mining for Threat Intelligence
• ThreatCrowd - Open Source Threat Intelligence
• AlienVault OTX - Open Threat Exchange
• SANS ISC Suspicious Domains - Suspicious domain lists
• Rex Swain’s HTTP Viewer - See exactly what an HTTP request returns to your browser
• Web-Sniffer - View HTTP request and response headers
• Shodan - Search engine for Internet-connected devices
• JS Nice - Statistical renaming, Type inference and Deobfuscation
• de4js - JavaScript Deobfuscator and Unpacker
• MIME Headers Decoder - Decoder for non-ASCII text in MIME message headers

Misc

• RegExr - Learn, Build, & Test RegEx
• Shrib - Online notepad
• MITRE ATT&CK - Knowledge base of adversary tactics and techniques based on real-world observations
• Logging Cheat Sheet - Malware Archaeology
• LOLBAS - Living Off The Land Binaries, Scripts, and Libraries