Binwalk
Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images. Prior to Binwalk v2.3.3, extracted archives could create symlinks which point anywhere on the file system, potentially resulting in a directory traversal attack if subsequent extraction utilities blindly follow these symlinks. Binwalk makes use of many third-party extraction utilities which may have unpatched security issues; Binwalk v2.3.3 and later allows external extraction tools to be run as an unprivileged user using the run-as command line option (this requires Binwalk itself to be run with root privileges). Additionally, Binwalk v2.3.3 and later will refuse to perform extraction as root unless --run-as=root is specified. Even though many major Linux distros are still shipping Python 2.7 as the default interpreter in their currently stable release, Binwalk support has moved exclusively to Python 3.
FEATURES
ALTERNATIVES
Malware sandbox for executing malicious files in an isolated environment with advanced features.
A Python script that finds endpoints in JavaScript files to identify potential security vulnerabilities.
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
Automate the process of writing YARA rules based on executable code within malware.
A library for running basic functions from stripped binaries cross platform.
Repository of YARA rules for Trellix ATR blogposts and investigations
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.