___ ___ ___ ___ ___ ___ _____   ___  ___   _   ___ 
 |   \_ _/ __/ __| __/ __|_   _| / __|/ __| /_\ | _ \
 | |) | |\__ \__ \ _| (__  | |   \__ \ (__ / _ \|   /
 |___/___|___/___/___\___| |_|   |___/\___/_/ \_\_|_\
                                                     

Open Source Intelligence

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  1. Using collected Indicators of Compromise (IOCs) such as hashes, domains, and IPs, search open repositories for more information:
     a. Total Hash
     b. Virus Total
     c. Threat Crowd
     d. Reverse IT

  2. When checking each information source, consider what behavioral and static details and comments are available that will help you.

  3. Never upload a sample if it is related to an active incident; search on IOCs instead. Remember that the owner of the software can monitor these sources just like you can.
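
The lookup-only workflow from steps 1 and 3, as an added example that is not part of the original page: the sample is hashed locally and each IOC is turned into a read-only lookup URL, so the file itself never leaves the analysis host. It assumes the VirusTotal API v3 lookup paths; the helper names and the sample IOCs are constructed for illustration, and the other listed sources are not covered.

```python
import hashlib
import ipaddress
import re

# Assumption: VirusTotal API v3 read-only lookup paths (GET only, no upload).
VT_API = "https://www.virustotal.com/api/v3"
HASH_LENGTHS = {32: "md5", 40: "sha1", 64: "sha256"}
PATHS = {"md5": "files", "sha1": "files", "sha256": "files",
         "ip": "ip_addresses", "domain": "domains"}
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$")


def hash_sample(data: bytes) -> dict:
    """Hash the sample locally so only digests are ever searched."""
    return {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256")}


def refang(value: str) -> str:
    """Undo common report defanging such as hxxp:// and [.]"""
    value = value.strip().replace("[.]", ".").replace("(.)", ".")
    return re.sub(r"^hxxp", "http", value, flags=re.I)


def classify(ioc: str):
    """Return (kind, normalized value); kind is 'unknown' if nothing matches."""
    value = refang(ioc).lower()
    value = re.sub(r"^https?://", "", value).split("/")[0]  # keep host only
    if re.fullmatch(r"[0-9a-f]+", value) and len(value) in HASH_LENGTHS:
        return HASH_LENGTHS[len(value)], value
    try:
        return "ip", str(ipaddress.ip_address(value))
    except ValueError:
        pass
    if DOMAIN_RE.match(value):
        return "domain", value
    return "unknown", value


def lookup_url(ioc: str):
    """Build a search URL for an IOC, or None if it is not a searchable type."""
    kind, value = classify(ioc)
    return f"{VT_API}/{PATHS[kind]}/{value}" if kind in PATHS else None


if __name__ == "__main__":
    # Constructed IOCs: the digest of an empty byte string plus defanged values.
    iocs = [hash_sample(b"")["sha256"], "hxxp://evil[.]example/a", "192.0.2[.]10"]
    for ioc in iocs:
        print(ioc, "->", lookup_url(ioc))
```
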
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------