15 open source GitHub projects for security pros

Whether you are a sysadmin, a threat intel analyst, a malware researcher, forensics expert, or even a software developer looking to build secure software, these 15 free tools from GitHub or GitLab can easily fit into your day-to-day work activities and provide added advantages.

Editor's note: This article, originally published in April 2016, has been updated to include tools that are currently in popular use.

1. ELF Parser

Many virtualized malware analysis and sandboxing solutions exist to peek into Windows malware, but analyzing suspicious macOS or Linux binaries is slightly more challenging because fewer tools are available to study the behavior of these native executables. I experienced this challenge when ascertaining the behavior of a hard-to-detect macOS and Linux malware packed in an ELF executable. This is where ELF Parser, combined with traffic analysis tools like Wireshark and static analysis tools like hexdump, made the research a tad easier.

ELF Parser neatly breaks down the strings found inside an ELF executable by URLs, strings, IP addresses, calls and network functions. The tool also highlights signs of suspicious activity such as information gathering and reconnaissance (e.g., retrieving ..
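As an added illustration of the string triage the article attributes to ELF Parser (example code written for this page, not ELF Parser's own source), the following Python script checks the ELF magic, pulls printable strings from a constructed sample blob and buckets them into URLs, IPv4 addresses and libc networking call names; the `NETWORK_FUNCS` set and the sample bytes are assumptions, and the out-of-range "999.1.1.1" shows why a regex match alone is not enough to call something an IP.

```python
import re

# libc networking calls worth flagging during triage (assumed list, not ELF Parser's).
NETWORK_FUNCS = {"socket", "connect", "bind", "listen", "accept", "send", "recv",
                 "sendto", "recvfrom", "gethostbyname", "getaddrinfo", "inet_addr"}
URL_RE = re.compile(r"^[a-z][a-z0-9+.-]*://\S+$", re.I)
IPV4_RE = re.compile(r"^(?:\d{1,3}\.){3}\d{1,3}$")


def is_elf(data: bytes) -> bool:
    """True when the buffer starts with the ELF magic bytes 0x7f 'E' 'L' 'F'."""
    return data[:4] == b"\x7fELF"


def extract_strings(data: bytes, min_len: int = 4):
    """Yield runs of printable ASCII at least min_len long (like the `strings` tool)."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data):
        yield m.group().decode("ascii")


def classify_strings(data: bytes) -> dict:
    """Bucket extracted strings into URLs, valid IPv4 addresses, network calls, other."""
    buckets = {"urls": [], "ips": [], "network_functions": [], "other": []}
    for s in extract_strings(data):
        if URL_RE.match(s):
            buckets["urls"].append(s)
        # Regex shape check plus octet range check, so "999.1.1.1" is not an IP.
        elif IPV4_RE.match(s) and all(0 <= int(o) <= 255 for o in s.split(".")):
            buckets["ips"].append(s)
        elif s in NETWORK_FUNCS:
            buckets["network_functions"].append(s)
        else:
            buckets["other"].append(s)
    return buckets


# Constructed sample: ELF magic plus a few header bytes, then a fake string table.
SAMPLE = (b"\x7fELF\x02\x01\x01" + b"\x00" * 9
          + b"http://example.invalid/beacon\x00"
          + b"10.0.0.5\x00socket\x00connect\x00/tmp/.cache\x00"
          + b"999.1.1.1\x00ab\x00")

if __name__ == "__main__":
    if is_elf(SAMPLE):
        for kind, items in classify_strings(SAMPLE).items():
            print(f"{kind}: {items}")
```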
