More on tools/resources/blogs
If you've paid any attention to my past diaries, you know that I like to collect tools that are useful for packet analysis, malware analysis, memory analysis, log analysis, etc. Here are a few of the new/interesting/different/updated tools or resources that I've looked at or heard about over the last several months since I last posted on the topic.
- PyFlag - Dr. Michael Cohen's Python forensic and log analysis system (he even recently got it running, at least partially, under Windows). Be sure to also take a look at the Volatility-PyFlag DFRWS Forensic Challenge submission.
- http://packetlife.net/ (an interesting blog) and especially http://packetlife.net/cheatsheets/
- psad - an interesting tool for attack detection using iptables logs
- Harlan Carvey had a post on his blog last month about analyzing browser artifacts that I thought was very good and pointed to some other tools.
- Cert.org had a nice blog post about ping sweeps in IPv6
- webFileScanner.pl - a pen test tool from 0x0e
Enjoy.