// TOOLS & RESOURCES

Tools

Curated collection of security tools, OSINT resources, and threat intelligence platforms we use and recommend.

Analysis & Sandboxing

CAPEv2

Open-source malware sandbox derived from Cuckoo. Automated behavioral analysis with memory dumps, API tracing, and network capture.

Sandbox, Open Source, Python

Ghidra

NSA's open-source software reverse engineering framework. Disassembly, decompilation, and scripting for binary analysis.

Reverse Engineering, NSA, Java

YARA

Pattern matching tool for malware researchers. Write rules to identify and classify malware families based on binary patterns.

Detection, Rules, Classification

OSINT Tools

Shodan

Search engine for internet-connected devices. Discover exposed services, vulnerabilities, and infrastructure across the internet.

Recon, IoT, API

Maltego

Visual link analysis tool for OSINT investigations. Map relationships between entities across data sources.

Link Analysis, Visualization, Transforms

SpiderFoot

Automated OSINT collection and reconnaissance framework. Integrates 200+ data sources for comprehensive footprinting.

Automation, Open Source, Python

Intel Platforms

VirusTotal

Multi-engine malware scanning and threat intelligence aggregation. File and URL analysis with community-driven intelligence.

Scanning, API, Community

AlienVault OTX

Open threat exchange platform. Community-contributed IOCs, pulses, and threat data for collaborative defense.

IOCs, Community, Free

MISP

Open-source threat intelligence sharing platform. Structured IOC sharing with taxonomies and correlation engine.

Sharing, Open Source, STIX/TAXII