diff --git a/README.md b/README.md index 53efd54..a97bb66 100644 --- a/README.md +++ b/README.md @@ -123,6 +123,8 @@ A curated list of awesome malware analysis tools and resources * [Cuckoo Sandbox](https://cuckoosandbox.org/) - Open source, self hosted sandbox and automated analysis system. * [VirusTotal](https://www.virustotal.com/) - Free online analysis of malware samples and URLs * [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to collect information about malware in a sandboxed environment. + * [intezer analyzer](https://analyze.intezer.com/) - Create MITRE ATT&CK Technique Detection table + * Network * [Wireshark](https://www.wireshark.org/) - The network traffic analysis tool. @@ -131,8 +133,8 @@ A curated list of awesome malware analysis tools and resources * [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) – Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. * service emulation - * [INetSim](http://www.inetsim.org/) - Network service emulation, useful when building a malware lab. - * [FakeNet](https://sourceforge.net/projects/fakenet/) - Windows Network Simulation tool for Malware Analysis + * [INetSim](http://www.inetsim.org/) - Network service emulation, useful when building a malware lab. + * [FakeNet](https://sourceforge.net/projects/fakenet/) - Windows Network Simulation tool for Malware Analysis 
@@ -147,7 +149,8 @@ A curated list of awesome malware analysis tools and resources * [yara](https://github.com/VirusTotal/yara) * [Python 3.8.0](https://www.python.org/downloads/release/python-380/) - for ret-sync & ida module * [yara-python](https://pypi.org/project/yara-python/) - require for ida module -* [intezer analyzer](https://analyze.intezer.com/) - Create MITRE ATT&CK Technique Detection table + + ### Tips * every .exe file can hav some import dll or aeport dll or string
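Review bot: in the first hunk (@@ -123,6 +123,8 @@) the added entry `[intezer analyzer]` is lowercase and its description, "Create MITRE ATT&CK Technique Detection table", is an imperative fragment that does not say what the tool is. The neighbouring entries (Cuckoo Sandbox, VirusTotal, Noriben) capitalise the name and describe the tool itself, so suggest capitalising the name and rewording along the lines of "Online analysis service that maps observed sample behaviour to a MITRE ATT&CK technique table." The extra blank `+` line before `* Network` is fine if the other top-level groups are separated the same way; otherwise drop it.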
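Review bot: in the second hunk (@@ -131,8 +133,8 @@) the `INetSim` and `FakeNet` lines are removed and re-added with identical text, so this is an indentation-only change that is unrelated to moving the Intezer entry. Please confirm the new indentation nests both items under `* service emulation` the same way the Wireshark item sits under `* Network`, and mention the re-indent in the commit message or split it into its own commit so the diff for the entry move stays minimal.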
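Review bot: in the third hunk (@@ -147,7 +149,8 @@) the removal of the `intezer analyzer` line is replaced by two blank `+` lines before `### Tips`, where one blank line is enough to separate the list from the heading. Removing the entry from this list is right, since the surrounding items (yara, Python 3.8.0, yara-python) are install requirements and the Intezer link is not. As a follow-up outside this change, the context line under `### Tips` has typos ("hav", "aeport") worth fixing in the same file.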