EvidenceWiki

All of my threat intel recommendations for aspiring information security analysts. This section covers the kinds of evidence at an analyst's disposal: IPs, domains, emails, hashes, and files.

Useful Extensions

  • Mitaka - Chrome - for searching IP, domain, URL, hash, etc. via the context menu.
  • Mitaka - Firefox - for searching IP, domain, URL, hash, etc. via the context menu.

Threat Intel Resources

Threat intel resources used by analysts on a daily basis.

💻 Domain & IP (top 6 are the most used by me)

📁 Files, Hash & Sandbox (DO NOT upload internal files!)

🐟 Phishing

👤 UserAgent:

⛏️ Miner/Blockchain

🖹 Encode/Decode

  • CyberChef - encryption, encoding, compression and data analysis.
  • Puny Coder - Punycode is a special encoding used to convert Unicode characters to ASCII, which is a smaller, restricted character set. It is used to encode internationalized domain names (IDN).
  • BASE64 - Decode from Base64 format or encode into it with various advanced options.
  • Hexed - analyse and edit binary files everywhere
  • Uncoder - Universal Sigma rule converter for various SIEM, EDR, and NTDR formats
  • ShellCheck - finds bugs in your shell scripts.
  • Explain shell code - enter a command line to see the help text that matches each argument
  • Dan's Tools - Base64
  • Code Decode/Encoder
  • Script converter - These tools include several formatters, validators, code minifiers, string escapers, encoders and decoders, message digesters, web resources and more
  • Hash Analyzer
  • Hashes examples
  • Filecrypt - The simple, secure file-hosting application

🔎 Google Dorks

🌐 OSINT

📖 Dumps

🐛 Vulnerabilities

Malware

🔄 URL Shorteners

🔑 List of Default Passwords

🧰 Forensic

OTHER

📋 CheatSheets

✍️ Effective Writing