ANY.RUN is an interactive online malware sandbox that provides real-time interaction, network tracking, process monitoring, and MITRE ATT&CK mapping, allowing researchers to analyze malware behavior and make adjustments during the analysis process. The service offers a range of features, including registry tracking, network requests, and static analysis, as well as a threat intelligence database contributed by a community of researchers from around the world. ANY.RUN is a cloud-based sandbox that provides a convenient and secure way to analyze malware, allowing researchers to watch the epidemic as if it was on their own computer, but with more features and security.
FEATURES
SIMILAR TOOLS
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
A collection of tips and tricks for container and container orchestration hacking
RedWarden is a Cobalt Strike C2 Reverse proxy that evades detection by Blue Teams, AVs, EDRs, and scanners through packet inspection and malleable profile correlation.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
Repository of tools for testing iPhone messaging by Project Zero
A C2 profile generator for Cobalt Strike designed to enhance evasion.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.