Awesome security services and tools

This is a list of online security services and tools for quick analysis and reporting of files, hashes, IPs, domains, etc.

Something missing or link broken? Send me a pull request!

General Tools

• https://gchq.github.io/CyberChef/ ⭐️
  • The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
• https://hackertarget.com
  • Free Online Net-, DNS-, IP- & Web-Tools. Chrome extension available
• https://www.base64decode.org
• https://3v4l.org
  • Deobfuscate PHP-Code (Example: https://3v4l.org/EaAbU#output)
• http://www.unphp.net/
  • UnPHP is a free service for analyzing obfuscated and malicious PHP code.
• http://deobfuscatejavascript.com
  • Deobfuscate JavaScript
• https://lelinhtinh.github.io/de4js/
  • Deobfuscate JavaScript
• http://icebuddha.com
  • IceBuddha is a hex viewer and generic binary file parser that runs in the browser.
• http://icebuddha.com/slopfinder.htm
  • Statically analyzes Windows executable files to look for use of DEP and ASLR
• https://onlinedisassembler.com/odaweb/
  • Disassemble On Demand - Explore executables by dissecting its sections, strings, symbols, raw hex and machine level instructions

Malicious Domains/URLs

Analyse

• https://urlscan.io ⭐️
• https://www.virustotal.com/gui/home/url
• https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html
• http://urlquery.net [Down 2020-12-13]
  • urlQuery.net is a service for detecting and analyzing web-based malware. It provides detailed information about the activities a browser does while visiting a site and presents the information for further analysis.
• https://www.joesandbox.com/#windows
  • URL Analyzer is based on Joe Sandbox Desktop which performs deep malware analysis.
• https://www.scumware.org/search.php
• https://www.fortiguard.com/

Report only

• https://safebrowsing.google.com/safebrowsing/report_general/

Malicious Files

Scan

• https://www.virustotal.com/#file (Files, hash, URL, domain, IP address)
• https://virusscan.jotti.org (Files)
• http://www.virscan.org (Files)
• https://www.metadefender.com/#!/scan-file (Files, hash, IP address)
• https://www.f-secure.com/en/web/labs_global/submit-a-sample (Files)
• https://secure2.sophos.com/en-us/support/contact-support.aspx (Files, domaain)
• https://detux.org/ (Linux binaries) [Down 2020-12-13]

Sandbox Analysis

• https://cuckoo.cert.ee ⭐️
  • Based on Cuckoo Sandbox
• https://malwr.com [Down 2019-07-09 - 2020-09-07 - 2020-12-13]
  • Based on Cuckoo Sandbox and VirusTotal
• https://www.hybrid-analysis.com
  • Supporting PE, Office, PDF, APK files and more (e.g. EML).
• https://www.file-analyzer.net
  • EXE, DLL, PIF, SCR, CPL, BAT, COM, CMD, PS1, PS2, VBS, VBE, JS, JSE, CHM and LNK
• https://www.document-analyzer.net
  • DOC(X)(M), XLS(X)(M), PPT(X)(M), RTF and PDF
• https://www.apk-analyzer.net
  • APKs
• http://akana.mobiseclab.org [Down 2020-12-12]
  • APKs
• https://any.run
  • Interactive sandbox

SPAM / Phishing

• https://www.opswat.com/metadefender-email-security-cloud-mesc-faq
  • Forward suspicious emails to [email protected] for malware scanning and data sanitization.

Report only

• https://support.google.com/mail/contact/abuse
  • GMail abuse form

IP-Addresses

• https://www.metadefender.com/#!/submit-ip
  • Scan an IP address using 12 sources to determine if it has been compromised.

Open Threat Exchange (OTX)

• https://otx.alienvault.com
• https://exchange.xforce.ibmcloud.com/
• https://developers.facebook.com/products/threat-exchange (closed beta)

---

2DO

• https://zeltser.com/automated-malware-analysis
• https://zeltser.com/malicious-ip-blocklists