Don’t ask me how I got this list … 😶
If you have any tips for what list should include, please use the contact page to get in touch with me.
Software and tools #
The Cyber Swiss Army Knife #
- CyberChef - A must-have web application developed by the British GCHQ for encryption, encoding, compression and data analysis tasks.
Hex editors #
- XXD - Linux tool for making hexdumps
- HexEdit - CLI hex editor for Linux
- Bless - GUI hex editor for Linux
- HxD - GUI hex editor for Windows
- Hex Fiend - GUI hex editor for MacOS
PE analysis #
- PE Studio - Tool for initial malware triage
- CFF Explorer - Parser and editor for Windows PE binaries
Disassemblers #
- IDA - Interactive Disassembler for various executable file formats and architectures
- Ghidra - Reverse engineering tool developed by the US National Security Agency (NSA)
Dynamic Analysis #
- x64 Debugger - Windows Tool for debugging binaries
- Fakenet - Tool for simulating generic internet services in a lab environment developed by FireEye
- iNetSIM - Tool for simulating generic internet services in a lab environment
Network analysis #
- WireShark - Tool for analyzing network protocols
- Networkminer - Passive sniffer and packet capturing tool. Also suitable for exploring network traffic
- Moloch - Tool for capturing, indexing and searching network traffic
- Brimsecurity - Desktop application for indexing and searching network traffic
- Snort - Open-source Intrusion Detection System (IDS), Intrusion Prevention System (IPS)
- Suricata - Open-source Intrusion Detection System (IDS), Intrusion Prevention System (IPS) and Network Security Monitor (NSM)
- Zeek - Open-source Network Security Monitor (NSM)
Data analysis and visualization #
- Kibana - Tool for exploring and visualizing Elasticsearch data
- Elasticsearch - Open-source distributed search engine for various types of data
Operating Systems #
- SIFT - Linux OS provided with various Digital Forensics and Incident Response tooling developed by SANS
- REMnux - Linux OS providing various malware analysis tools
- Kali - Linux OS providing various Penetration Testing and Ethical Hacking tools
- FlareVM - Windows OS providing various malware analysis tools
Analyze mobile apps #
- JD-GUI - Open-source Java Disassembler for rebuilding “.class” files
- APKTool - Tool for reverse engineering APK files
- Dex2Jar - Open-source tool to turn Android Dex files into Jar files.
Memory Forensics #
- Volatility - Open-source memory forensics toolkit
- Rekall - Open-source memory forensics framework, includes additional functions for Forensics and Incident Response
Forensics #
- The Sleuth Kit - A collection of CLI tools for forensics on disk images
- FTK Imager - A data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis with a forensic tool
Virtualization #
- VMware Player - Virtualization software for Linux, Windows and MacOS
- VirtualBox - Virtualization software for Linux, Windows and MacOS
Password cracking #
- THC-Hydra - Popular password brute-forcing tool that supports a large number of protocols
- John - Open Source password security auditing and password recovery tool
- Hashcat - Password cracking tool that supports a large number of hashes
Reading material #
Reverse engineering information #
- Automated Malware Analysis - An overview of free tools and web services suitable for automated malware analysis
- Malicious IP Blocklists - An overview of various malicious IP and URL blocklists
- Malware Analysis Tools - An overview of free frameworks for automated malware analysis
- Remnux Malware Analysis Tips - A cheat sheet of various tools available in the REMnux Linux distribution
- Analyzing Malicious Documents - A cheat sheet for analyzing malicious documents
- Malware Analysis Cheat Sheet - A cheat sheet for analyzing malicious software
- Didier Stevens Tools - An overview of various tools developed by security researcher Didier Stevens
Reverse engineering tutorials #
- Flare-On Challenge 2018 - Solutions of the FireEye Flare-On Challenge 2018
- Flare-On Challenge 2019 - Solutions of the FireEye Flare-On Challenge 2019
Cheat sheets (general) #
- SANS Digital Forensics Cheat Sheet - SANS overview of cheat sheets for various forensic tools and software
- The Ultimate List of SANS Cheat Sheets - SANS overview of cheat sheets in the field of IT Security, Digital Forensics and Incident Response