I’v been working on cybersecurity for most then 10 years. During my career I’ve held numerous roles which took me facing many problems: I had to solve technical issues as well as management, economic and financial ones. Every time I needed a “tool” to help a decision or to solve a technical question I started by seeking on “sourceforge/github” looking for something that would fit my needs. If what I needed wasn’t there, I’ve always built it on my own by using what was available at that time.Nowadays, those tools are still producing data which I believe might be useful to many people. I decided to publish this data on my public website for everybody who needs it, please feel free to use it.
Honey Pot Data. I run a quite old Honey Pot Network on my own. It has been used over years for analysis and for blocking as well. You might decide to use it for analytical purpose such as: research, general statistics and malicious IP distribution or for blocking IPs through your firewall or AntiSpam, it depends to you. HERE you find a download button if you wish to download suspicious/malicious IPs.
Malware Static Analyser. Thanks to hundreds public/private YARA rules and thanks to a running analysis environment you might decide to statically investigate hashes or to figure out what are the most matched YARA rules in order to give simple attribution to a single file or to understand if it’s malicious or not (even if no behavioural analysis is performed). If you are interested on “YARA rule matcher” go HERE.
APT Detection. According to static Malware analysis we might build YARA rules to identify specific set of binaries. If we classify those binaries as “related to APT” we might extract from tons of binaries the ones that match classified YARA rules and that could be related to APTs. So here we are, this project collects and classifies hashes according to APT related rules. If you are interested on YARA rule matcher go HERE.
Cyber Threat Trends. Dealing with a big amount of Malware is a quite complex discipline especially for private and independent tools which doesn’t rely on huge infrastructures and quick database rings. Aim of this dashboard is to monitor trends over thousands even millions of samples providing quantitative analyses on what has observed during the performed automatic analyses. If you are interested on understanding what is the most common threat or how cyber threats are evolving over time please check it out HERE.