Last update: 2019-10-13
URL analysis
Before clicking on that unknown potentially sketchy URL from your browser use one of these services to see if it is known to be bad or exhibits suspicious behavior without risking the sanctity of your computer.
Malware analysis
When you encounter a suspicious file, you need a way to figure out what it is and what it is trying to do. The days when a quick virus scan was enough are long gone – you need to know what those bits will do when they are executed on your system. These sites allow you to execute files safely (on someone else’s computer) and get a report as to what they would have done. Of course, you have to give the file to the service to do this, so think twice about submitting files which may include sensitive information.
- Virus Total – scans files against many, many, many signature based programs
- AnyRun
- Joe Sandbox – handles a very wide variety of file types
- Hybrid-Analysis
- Total Hash
Email analysis
With email, what you initially see is not what you probably get. It is really easy for malicious actors to spoof from addresses and other key information. Here are some tools to allow you to detect such shenanigans.
IP addresses and Domains
When you are looking through your logs and see some rando IP address or unfamiliar domain, you can use these tools to get more information.
- ViewDNS
- DNS Dumpster – find all of the IPs associated with a domain
- Internet Country Domain List
- TypoSquat – find potential lookalike domains used by bad guys
- SSL Server Test – show SSL configuration for a domain
Vulnerabilities & updates
Keeping your systems patched and up to date is one of the easiest and most powerful ways to keep the bad guys out of your systems. These sites will help you with that never ending task.
- Patch Tuesday Dashboard – summary of Microsoft’s monthly updates