The article examines the key tools that every security analyst should know to effectively protect digital assets. These tools include programs for network traffic analysis, intrusion detection, malware analysis, auditing, and system change tracking. VirusTotal, Browserling, Hybrid Analysis, Shodan, Spur, and others stand out among them. Proficiency in these tools and a deep understanding of cybersecurity principles are essential to being a successful security analyst.
VirusTotal is one of the most popular online malware analysis tools. It allows you to upload files, IP addresses, hashes and URLs for scanning by multiple antivirus engines.
Browserling is an online cross-browser testing service that allows web developers to test their sites across different browsers and browser versions. The service provides the ability to view and test websites in real time.
Hybrid Analysis is an online malware analysis platform that analyzes suspicious files and URLs in a secure software environment. The tool provides comprehensive data on the behavior and potential impact of analyzed content.
Shodan is a popular search engine for Internet-connected devices, often used by security researchers and penetration testers. The tool can help identify vulnerable IoT systems and servers by providing detailed information about their operating systems.
Spur is an open-source threat intelligence platform that enables security analysts to collect, analyze and share threat intelligence data. The tool provides real-time monitoring, advanced IP and endpoint analytics, and automatic threat detection and response capabilities.
Allows you to intercept suspicious URLs and check website links for compatibility and security issues. Supports a wide range of browsers and operating systems, providing real-time visualization analysis.
PhishTank is a community-driven database of known malicious websites that can help identify phishing targets. Security professionals and enthusiasts can add to the database by reporting new phishing sites.
CheckPhish.ai is an AI-powered phishing detection tool that quickly identifies threats. The tool uses advanced machine learning algorithms to analyze email content, IP addresses, and domain names.
It is an open threat intelligence platform where you can access and share threat intelligence data. The tool also includes real-time monitoring, threat analytics, and network and endpoint response.
Another online malware analysis platform that allows security analysts to run and analyze suspicious files and URLs in a safe and controlled environment. The tool provides real-time behavioral.
Another great tool I came across recently. This app provides a safe browsing environment to check suspicious links and browse with increased privacy. Think of it as a “recorder phone” for browsing the web.
This is a built-in feature in Windows 10/11 that allows security analysts to safely run and evaluate untrusted programs and files. The tool creates a secure isolated environment that does not affect the OS.
This is a web-based tool that allows you to assess and resolve connectivity issues with Microsoft Office 365 and Exchange Server. Provides detailed reports and diagnostic information to help system administrators identify problems.
PolySwarm is a decentralized threat intelligence marketplace that allows security analysts to access and share threat intelligence data. Features include advanced threat analytics, automatic triage, and early detection and response capabilities.
Whether you’re looking for bug bounties or doing OSINT research, DNSDumpster is great for scouting. It provides detailed information about DNS records and domains. One of my favorite features is the graphical representation of the results.