Security Toolbox Forensics & Analysis Resources 16 - itnett/FTD02H-N GitHub Wiki

🔐 Comprehensive List of Forensics and Security Analysis Resources

An up-to-date collection of tools and services for URL analysis, malware detection, phishing protection, digital forensics, and more.


🌐 URL Analysis and Phishing Protection

  • 🔍 urlscan.io
    Renders a URL in a sandboxed browser and reports the page's scripts, redirects, outbound connections and a screenshot. Scans can be public, unlisted or private; use private for links that may carry victim-specific tokens.

  • 🛡️ PhishTool
    Assists in analyzing and documenting phishing attacks, including email headers and links.

  • 🔗 VirusTotal
    Scans files and URLs for malware using many antivirus engines; a hash lookup returns existing verdicts without uploading the file.

  • 🖼️ url2png
    Renders screenshots of websites across platforms and browsers so you can document a suspicious URL without opening it in your own browser.

  • 🔍 Google Safe Browsing
    Allows you to check if a URL is marked as unsafe or malicious by Google.

  • 🛡️ CheckPhish
    A phishing detection platform that uses AI to detect phishing websites and scam campaigns.
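Before a suspicious link goes into a ticket or report, analysts defang it (hxxp://, [.]) so nobody clicks it by accident, and refang it again when handing it to a scanner such as urlscan.io. The helpers below are an added example for this section, not code from the wiki or from any of the listed services; the sample email text is constructed, and the urlscan.io request is built from its public scan API (POST /api/v1/scan/ with an API-Key header and a JSON body of url and visibility) and is only sent when you call submit_to_urlscan with a real key.

```python
"""Defang/refang indicators and build a private urlscan.io submission.

Added example; the sample email text is constructed, not a real lure.
"""
import json
import re
import urllib.request

URLSCAN_SUBMIT = "https://urlscan.io/api/v1/scan/"
# Matches live (http) and defanged (hxxp) URLs in free text.
_URL_RE = re.compile(r"\bh(?:xx|tt)ps?://[^\s<>\"']+", re.IGNORECASE)


def defang(indicator: str) -> str:
    """Make a URL or domain non-clickable: http(s) -> hxxp(s), '.' -> '[.]'."""
    s = re.sub(r"^http(s?)://", r"hxxp\1://", indicator, flags=re.IGNORECASE)
    return s.replace(".", "[.]")


def refang(indicator: str) -> str:
    """Reverse defang(), accepting the bracket variants commonly seen in reports."""
    s = re.sub(r"\[\.\]|\(\.\)|\{\.\}|\[dot\]", ".", indicator, flags=re.IGNORECASE)
    s = s.replace("[:]", ":").replace("[/]", "/")
    return re.sub(r"^hxxp(s?)://", r"http\1://", s, flags=re.IGNORECASE)


def extract_urls(text: str) -> list:
    """Pull URLs (live or defanged) out of an email body, refanged and de-duplicated."""
    seen, out = set(), []
    for match in _URL_RE.finditer(text):
        url = refang(match.group(0).rstrip(".,;)"))  # drop trailing sentence punctuation
        if url not in seen:
            seen.add(url)
            out.append(url)
    return out


def urlscan_request(url: str, api_key: str, visibility: str = "private") -> tuple:
    """Build (endpoint, headers, body) for a urlscan.io scan without sending it.

    Keep visibility private for phishing links: the query string often carries
    the victim's address or a one-time token that a public scan would expose.
    """
    if visibility not in ("public", "unlisted", "private"):
        raise ValueError("visibility must be public, unlisted or private")
    headers = {"API-Key": api_key, "Content-Type": "application/json"}
    body = {"url": refang(url), "visibility": visibility}
    return URLSCAN_SUBMIT, headers, body


def submit_to_urlscan(url: str, api_key: str, visibility: str = "private") -> dict:
    """Send the scan request and return the JSON reply (contains the result URL)."""
    endpoint, headers, body = urlscan_request(url, api_key, visibility)
    req = urllib.request.Request(endpoint, data=json.dumps(body).encode(),
                                 headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    sample_email = (  # constructed phishing lure
        "Your mailbox is full. Verify at http://mail-secure.example/login.php?u=victim@corp.example "
        "or via hxxps://backup-portal[.]example/reset."
    )
    for live_url in extract_urls(sample_email):
        print("indicator for the report:", defang(live_url))
```

The defanged form is what goes into the report; the refanged form is what goes to the scanner, never the other way round.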


🧑‍💻 File and Malware Analysis

  • 🧬 Hybrid Analysis
    A free malware analysis service powered by CrowdStrike that lets you analyze suspicious files and URLs.

  • 🔬 Any.Run
    A real-time interactive sandbox for malware analysis that allows you to watch the behavior of suspicious files.

  • 🚨 Cuckoo Sandbox
    An open-source automated malware analysis system that runs suspicious files in a virtual machine and records their behavior. The original project has had no release since 2019; CAPE Sandbox is an actively maintained fork.

  • 🦠 MalwareBazaar
    A sample-sharing database run by abuse.ch, where researchers share malware samples and the associated threat intelligence.

  • 🐛 Joe Sandbox
    A malware analysis platform for in-depth inspection of malicious files and their behavior.

  • 🔍 Intezer Analyze
    Provides in-depth analysis of malware and file similarity, detecting code reuse to identify malware families.


🖥️ Network and Traffic Analysis

  • 🌍 Wireshark
    The most widely used network protocol analyzer; lets you inspect captured traffic packet by packet and follow individual streams.

  • 🌐 Netcraft
    A service that provides detailed information on websites, including their hosting infrastructure and security status.

  • 🔒 Shodan
    Known as the "search engine for the internet of things," Shodan continuously indexes service banners from internet-exposed devices, which makes it useful both for reconnaissance and for checking what your own perimeter exposes.

  • 📡 DNSDumpster
    A DNS investigation tool that provides domain information and visual maps of DNS records.

  • 🔗 GreyNoise
    Analyzes mass internet scanning activity to help you distinguish between benign background noise and targeted attacks.


🔍 Open-Source Intelligence (OSINT)

  • 🕵️‍♂️ theHarvester
    Gathers emails, subdomains, IPs, and domains from public sources such as search engines and certificate transparency logs.

  • 👁️ SpiderFoot
    An automated OSINT tool for gathering information from various data sources like IPs, domains, emails, and more.

  • 🧠 Maltego
    A visual link analysis tool for gathering and connecting OSINT data points to map out relationships between domains, emails, and other data.

  • 🕵️‍♀️ Recon-ng
    A full-featured web reconnaissance framework written in Python that automates the process of gathering OSINT.


🛡️ Digital Forensics

  • 🔍 Autopsy
    An open-source digital forensics platform (the GUI front end for The Sleuth Kit) for hard drive and smartphone analysis, used to recover deleted files and reconstruct user activity.

  • 🔧 FTK Imager
    A free forensic imaging tool that creates disk and memory images (raw and E01), previews file systems, and exports files from digital media.

  • 💻 X-Ways Forensics
    A powerful Windows-based forensics tool used to examine and analyze file systems, disk images, and memory dumps.

  • 🔦 Volatility
    An open-source memory forensics framework (current version Volatility 3) for analyzing RAM dumps and extracting artifacts such as processes, network connections, and injected code left by malware or system activity.

  • 🛠️ Magnet AXIOM
    A digital forensics tool used to recover, analyze, and report on digital evidence across computers and mobile devices.


💻 Cloud Security Tools

  • ☁️ CloudSploit
    An open-source cloud security scanner (now maintained by Aqua Security) that checks AWS, Azure, and GCP accounts for misconfigurations.

  • 🔒 Prowler
    An open-source tool that assesses AWS, Azure, GCP, and Kubernetes environments against security best practices and compliance frameworks such as CIS.

  • 🔍 ScoutSuite
    An open-source multi-cloud security auditing tool that helps identify misconfigurations in cloud environments.


🔧 Vulnerability Scanners and Penetration Testing

  • 🔑 OpenVAS
    An open-source network vulnerability scanner (the scanning engine of Greenbone Community Edition) used to find known vulnerabilities and misconfigurations on hosts and services.

  • 🛠️ Nessus
    A popular vulnerability scanner used to find security holes and vulnerabilities in operating systems, networks, and applications.

  • 🐉 Kali Linux
    A Debian-based Linux distribution designed for digital forensics and penetration testing, including many built-in tools.

  • 🛡️ Metasploit
    A penetration testing framework that helps security professionals find and exploit vulnerabilities in systems.

  • 🔗 Burp Suite
    A web application security testing platform built around an intercepting proxy, used to inspect and modify browser traffic, scan for vulnerabilities, and test web applications by hand.


🔐 Password Security and Breach Detection

  • 🔓 Have I Been Pwned?
    A service that lets users check whether their email address or phone number appears in known data breaches; its Pwned Passwords feature covers passwords.

  • 🛡️ DeHashed
    A search engine for leaked databases that lets you search for compromised credentials and personal data.

  • 🛠️ LeakCheck
    A service for checking if usernames, passwords, or personal information have been leaked in data breaches.

  • 🔐 Pwned Passwords
    A Have I Been Pwned service for checking whether a password appears in known breaches. Its range API uses k-anonymity: you send only the first five hex characters of the password's SHA-1 and compare the returned suffixes locally, so the password itself never leaves your machine.
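The k-anonymity check that Pwned Passwords offers, as an added example for this section (not code from Have I Been Pwned or from the wiki): the client hashes the password with SHA-1, sends only the 5-character prefix to the public range endpoint, and searches the returned "SUFFIX:COUNT" lines locally. The endpoint and the Add-Padding header are the documented public API; the sample range response used in main is constructed, not real API output.

```python
"""Check a password against Pwned Passwords with the k-anonymity range API.

Added example; SAMPLE_RANGE_5BAA6 is a constructed response, not real data.
"""
import hashlib
import urllib.request

RANGE_API = "https://api.pwnedpasswords.com/range/"

# Constructed stand-in for the range response of prefix 5BAA6 (the SHA-1
# prefix of "password"); counts are invented.
SAMPLE_RANGE_5BAA6 = (
    "003D68EB55068C33ACE09247EE4C639306B:3\r\n"
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493\r\n"
    "1E2AAA439972480CEC7F16C795BBB429372:1\r\n"
)


def split_sha1(password: str) -> tuple:
    """Return (5-char prefix, 35-char suffix) of the upper-case hex SHA-1."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body: str, suffix: str) -> int:
    """Find our suffix among the 'SUFFIX:COUNT' lines; 0 means not in the corpus."""
    for line in body.splitlines():
        sfx, sep, count = line.strip().partition(":")
        if sep and sfx.upper() == suffix.upper():
            return int(count)
    return 0


def fetch_range(prefix: str) -> str:
    """Download the range for one prefix.

    Add-Padding asks the API to pad the reply with zero-count entries so the
    response size reveals nothing about which prefix was queried.
    """
    req = urllib.request.Request(
        RANGE_API + prefix,
        headers={"Add-Padding": "true", "User-Agent": "pwned-range-check-example"},
    )
    with urllib.request.urlopen(req, timeout=15) as resp:
        return resp.read().decode("utf-8")


def pwned_count(password: str, fetch=fetch_range) -> int:
    """Times the password was seen in breaches (0 = not found).

    Only the SHA-1 prefix goes over the wire; the full hash is compared here.
    """
    prefix, suffix = split_sha1(password)
    return parse_range(fetch(prefix), suffix)


if __name__ == "__main__":
    # Offline demonstration against the constructed sample; replace the
    # fetch argument with the default to query the live API.
    hits = pwned_count("password", fetch=lambda prefix: SAMPLE_RANGE_5BAA6)
    print("seen %d times" % hits if hits else "not found in Pwned Passwords")
```

A zero count means the password is not in the corpus, not that it is strong; treat the check as a blocklist for known-breached passwords, in addition to length rules.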


📝 Documentation and Learning Resources


💡 Tips: Validate any online resource before relying on it, and work in an isolated environment (a dedicated analysis VM with no access to production credentials) when handling potentially malicious content such as malware samples or phishing data. Remember that public sandboxes and scanners usually share what you submit: prefer hash lookups or private/unlisted scans for files and URLs that may contain sensitive data.

Cisco offers a service for checking file hashes against known malware signatures, the Cisco Talos File Reputation Lookup. Several other services do the same job and can help you find out whether a hash belongs to a known malicious file. Two caveats before the list: MD5 is collision-prone and several services key their records on SHA-256, so compute MD5, SHA-1 and SHA-256 together and use the SHA-256 as the file's identifier; and a hash lookup only matches files the service has already seen, so a repacked or recompiled variant will not be found and a miss is not a clean verdict. Here is a list of such services:

1. Cisco Talos File Reputation Lookup

  • Description: This service from Cisco lets you look up a file hash against Talos's database of known threats; the public lookup form takes the file's SHA-256.
  • URL: Cisco Talos File Reputation

2. VirusTotal

  • Description: VirusTotal is one of the most popular services; it lets you check MD5, SHA-1 and SHA-256 hashes against a large number of antivirus engines to see whether the file is known malware. A hash lookup returns the existing verdicts without uploading the file, which matters when the file may contain sensitive data.
  • URL: VirusTotal

3. Hybrid Analysis

  • Description: Hybrid Analysis also lets you search its malware sample database by MD5 hash. It provides detailed reports on the files, including their behavior in a sandbox environment.
  • URL: Hybrid Analysis

4. IBM X-Force Exchange

  • Description: IBM X-Force Exchange lets you search MD5 hashes to find information about files that are known malware or have been reported as suspicious.
  • URL: IBM X-Force Exchange

5. MalwareBazaar

  • Description: MalwareBazaar, run by abuse.ch, lets you check MD5, SHA-1 and SHA-256 hashes against its malware sample database. You can also download samples for analysis; they are delivered as password-protected archives and should only be unpacked inside an isolated analysis VM.
  • URL: MalwareBazaar

6. Kaspersky Threat Intelligence Portal

  • Description: Kaspersky lets you search for MD5, SHA-1 and SHA-256 hashes in its threat database. The service tells you whether the file is malicious and provides detailed information about it.
  • URL: Kaspersky Threat Intelligence

7. FileScan.IO

  • Description: FileScan.IO offers a free service for checking MD5, SHA-1 and SHA-256 hashes, and for analyzing files for malicious behavior.
  • URL: FileScan.IO

8. ReversingLabs TitaniumCloud

  • Description: ReversingLabs offers a commercial service for checking MD5, SHA-1 and SHA-256 hashes against its large malware database, known for fast responses and thorough reports.
  • URL: ReversingLabs TitaniumCloud

9. Dr.Web Online Check

  • Description: Dr.Web offers a service where you can check MD5, SHA-1 or SHA-256 hashes to see whether they are associated with known malware.
  • URL: Dr.Web Online Check

10. ThreatMiner

  • Description: ThreatMiner lets you check MD5 hashes against its threat intelligence. It also provides insight into threats related to domain names, IP addresses, and URLs.
  • URL: ThreatMiner

11. Intezer Analyze

  • Description: Intezer Analyze lets you check MD5, SHA-1 and SHA-256 hashes against its database. The service identifies code reuse in files and detects whether the code resembles known malware families.
  • URL: Intezer Analyze

12. TotalHash

  • Description: TotalHash lets you search for MD5 hashes and gives you access to a large database of malware samples and analyses.
  • URL: TotalHash

Summary

This is a collection of some of the most popular services for checking MD5, SHA-1 and SHA-256 hashes against large threat databases. Most of them give you detailed information about the file, including whether it is known malware, together with an analysis of its behavior where available.

For security work, use several services and cross-check the results to get a broader understanding of the threat: engines frequently disagree, and a detection name alone is weak evidence without the behavioral report behind it. Most services also share uploaded samples with partners, so look up the hash first and upload the file only when you are sure it contains nothing sensitive.
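The cross-checking workflow above, as an added example (not code from the wiki or from any of the listed services): hash the file once for all three algorithms, build the web lookup URLs for manual checks, and reduce the API replies of two services to a common verdict. The VirusTotal v3 call (GET /api/v3/files/{hash} with an x-apikey header, 404 when the hash is unknown, verdict counts in last_analysis_stats) and the MalwareBazaar call (POST query=get_info&hash=… to mb-api.abuse.ch, query_status "ok" or "hash_not_found") follow the public API documentation; the Auth-Key header for abuse.ch is an assumption about current account requirements. The JSON replies used in the test and the b"hello" sample are constructed.

```python
"""Hash a file once and cross-check the hash against several reputation services.

Added example; API replies in the tests are constructed, and network calls
run only from main when credentials are present in the environment.
"""
import hashlib
import io
import json
import os
import sys
import urllib.error
import urllib.parse
import urllib.request

ALGOS = ("md5", "sha1", "sha256")
VT_API = "https://www.virustotal.com/api/v3/files/"
MB_API = "https://mb-api.abuse.ch/api/v1/"


def hash_stream(fileobj, chunk_size: int = 1 << 20) -> dict:
    """Compute MD5, SHA-1 and SHA-256 in one pass so large files are read once."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    for block in iter(lambda: fileobj.read(chunk_size), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    return hash_stream(io.BytesIO(data))


def hash_file(path: str) -> dict:
    with open(path, "rb") as f:
        return hash_stream(f)


def lookup_urls(hashes: dict) -> dict:
    """Web UIs for manual cross-checking; both key on SHA-256."""
    sha256 = hashes["sha256"]
    return {
        "virustotal": "https://www.virustotal.com/gui/file/" + sha256,
        "malwarebazaar": "https://bazaar.abuse.ch/sample/" + sha256 + "/",
    }


def vt_verdict(vt_json) -> dict:
    """Summarise a VirusTotal v3 file object; None stands for a 404 (never seen)."""
    if not vt_json:
        return {"source": "virustotal", "known": False, "malicious": 0}
    stats = vt_json["data"]["attributes"]["last_analysis_stats"]
    flagged = int(stats.get("malicious", 0)) + int(stats.get("suspicious", 0))
    return {"source": "virustotal", "known": True, "malicious": flagged,
            "engines": sum(int(v) for v in stats.values())}


def mb_verdict(mb_json: dict) -> dict:
    """Summarise a MalwareBazaar get_info reply; presence there means malicious."""
    if mb_json.get("query_status") != "ok":
        return {"source": "malwarebazaar", "known": False, "malicious": 0}
    entry = mb_json["data"][0]
    return {"source": "malwarebazaar", "known": True, "malicious": 1,
            "signature": entry.get("signature"), "file_type": entry.get("file_type")}


def cross_check(verdicts: list) -> dict:
    """Combine per-source summaries. Unknown everywhere is 'unknown', not 'clean'."""
    flagged = [v["source"] for v in verdicts if v.get("malicious", 0) > 0]
    seen = [v["source"] for v in verdicts if v.get("known")]
    status = "malicious" if flagged else ("seen-not-flagged" if seen else "unknown")
    return {"status": status, "flagged_by": flagged, "seen_by": seen}


def vt_lookup(sha256: str, api_key: str):
    req = urllib.request.Request(VT_API + sha256, headers={"x-apikey": api_key})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        if err.code == 404:  # hash never submitted to VirusTotal
            return None
        raise


def mb_lookup(hash_value: str, auth_key: str = "") -> dict:
    # Assumption: abuse.ch APIs now expect an account Auth-Key header.
    data = urllib.parse.urlencode({"query": "get_info", "hash": hash_value}).encode()
    headers = {"Auth-Key": auth_key} if auth_key else {}
    req = urllib.request.Request(MB_API, data=data, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Hash the file given on the command line, or a constructed sample.
    hashes = hash_file(sys.argv[1]) if len(sys.argv) > 1 else hash_bytes(b"hello")
    print(json.dumps(hashes, indent=2))
    print(json.dumps(lookup_urls(hashes), indent=2))
    verdicts = []
    if os.environ.get("VT_API_KEY"):
        verdicts.append(vt_verdict(vt_lookup(hashes["sha256"], os.environ["VT_API_KEY"])))
    if os.environ.get("ABUSECH_AUTH_KEY"):
        verdicts.append(mb_verdict(mb_lookup(hashes["sha256"], os.environ["ABUSECH_AUTH_KEY"])))
    if verdicts:
        print(json.dumps(cross_check(verdicts), indent=2))
```

The three-way status is the point: "seen-not-flagged" and "unknown" are different situations, and only the first says anything about the file. Add further services by writing another small verdict function that returns the same keys.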