sudo apt-get install python-pip sudo pip install PyYAML sudo pip install BeautifulSoup git clone https://github.com/cvandeplas/pystemon

マルウェア管理、解析フレームワーク http://viper-framework.readthedocs.org/en/latest/index.html Viper is a binary analysis and management framework. sudo apt-get install gcc python-dev python-pip sudo pip install SQLAlchemy PrettyTable pyth…

============================================================== nginxのインストール #vi /etc/yum.repos.d/nginx.repo[nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/5/$basearch/ gpgcheck=0 enabled=1# yum update # yum search n…

https://santoku-linux.com/

lsass.exeの正しい位置 winlogon.exe | --- lsass.exe --- services.exe | --- Process_A.exe --- Process_B.exe --- Process_B.exe --- Process_B.exe --- Process_B.exe --- Process_B.exe ※「lsass.exe」は一つのみ、複数ある場合はおかしい。 ※「lsass.e…

【旧】 # mount -o loop,ro,show_files,streams_interface=windows,offset=32256 /mnt/hgfs/image.dd /mnt/windows_mount # log2timeline -z Japan -p -r -f winxp /mnt/windows_mount -w supertimeline.txt # l2t_process -b supertimeline.txt > supertime…

/etc/td-agent/td-agent.conf type tail path /var/log/httpd/access_log pos_file /var/log/td-agent/apache2.access_log.pos format apache2 tag mongo.apache.access type mongo database apache collection access host localhost port 27017

偽サーバ,DNS,HTTPなど INetSim: Internet Services Simulation Suite - Project Homepage # Available service names are: # dns, http, smtp, pop3, tftp, ftp, ntp, time_tcp, # time_udp, daytime_tcp, daytime_udp, echo_tcp, # echo_udp, discard_tcp,…

Home Page - www.SecurityXploded.com

2010 2013 sandro suffert memory forensics introdutory work shop - pub…

Malware-Analyzer.com is your solution to malware analysis tools, resources, and discounted malware reverse engineer training. Malware-Analyzer.com has a variety of tools from automated analysis to memory forensics. If you have a malware an…

Open Security Research: UnBup - McAfee BUP Extractor for Linux

PE-bear | hasherezade's 1001 nights

winitor

Python extension for WinDbg Python extension for WinDbg - Home

pev download | SourceForge.net]

Reversing PE executable files require a special tools because the payload that may contain the malware in PE files is packed inside another executable file that can be a legitimate. This makes a standard static analyses tool wont be able t…

【要注意】 玄関の「U字ロック」はひもで簡単に開けられるらしい 強姦目的で解錠し侵入した男「方法はネットで調べた」 （動画あり） | ニュース２ちゃんねる

offensive-security http://www.offensive-security.com/reports/penetration-testing-sample-report-2013.pdf

obfuscation Ghetto Forensics: Malware Analysis: The State of Java Reversing Tools

Mount shadow volumes on disk images - ForensicsWiki

Volume Shadow Copy forensic RRTX Blog: ShadowKit - Working with Disk Images

VirtualKD is a tool that improves your kernel debugging performance with VMWare and VirtualBox. VirtualKD - Windows Kernel Debugger Booster for Virtual Machines

Dropbox Forensics | Forensic Focus - Articles

Metasploitable is an intentionally vulnerable Linux virtual machine Metasploitable - Browse /Metasploitable2 at SourceForge.net

Taint-enabled Reverse Engineering Environment on top of a Cross-platform Binary Symbolic execution System tree-cbass - Taint-enabled Reverse Engineering Environment on top of a Cross-platform Binary Symbolic execution System - Google Proje…

Packet/Traffic Generator and Analyzer Ostinato

CanSecWest Applied Security Conference: Vancouver, British Columbia, Canada

http://www.malware.lu/Pro/RAP002_APT1_Technical_backstage.1.0.pdf

SANS Digital Forensics and Incident Response Blog | Getting Started with Linux Memory Forensics | SANS Institute