SOC Analyst Skills - 4 "Must Have" Tools for Triaging and Analyzing Malware

  • Published 1 Jul 2024
  • In this video I provide 4 go-to quick triage tools for any security operations center (SOC) analyst. I show you how to use them, tell you when best to use them, and walk through the pros and cons. These tools give you a very safe and fast method to analyze documents and URLs to ascertain their intent. They will be go-to tools, like a trusty koozie in the summer time.
    Josh Stroschein's malware collection: github.com/jstrosch/malware-s...
    Malware Bazaar: bazaar.abuse.ch/
    Oledump: blog.didierstevens.com/progra...
    Any.Run: any.run/
    VirusTotal: www.virustotal.com/gui/
    Pdf-Parser: pdfparser.org/
    Analyzing Malicious Documents Cheat Sheet: zeltser.com/media/docs/analyz...
    URLHaus: urlhaus.abuse.ch/
    📱 Social Media
    LinkedIn: / geraldauger
    Twitter: / gerald_auger
    TH-cam: / geraldauger
    Discord: / discord
    Twitch: / gerald_auger_simplycyber
    🔥 My Curated Website of Free Cyber Resources
    SimplyCyber.io
    Disclaimer: All content reflects the thoughts and opinions of Gerald Auger and the speakers themselves, and are not affiliated with the employer of those individuals unless explicitly stated.
  • Science & Technology

Comments • 69

  • @eugenealejandro8627
    @eugenealejandro8627 3 years ago +22

    Hats off to people like Gerald who create contents like this for life-long learners.

  • @ColbyCheeser
    @ColbyCheeser 2 years ago +3

    Thanks a lot man. Learning a lot and currently looking for an entry level role. You have helped a lot

  • @Murugakishore
    @Murugakishore 2 years ago +1

    thanks for educating us one more step in soc.

    • @SimplyCyber
      @SimplyCyber  2 years ago

      def want to catch the livestream today with John Strand 3/17 at 4:30PM EST on this channel. SOC Core Skills is the topic.

  • @MrJingy08
    @MrJingy08 4 years ago +3

    any.run....added to my arsenal, thank you!

    • @SimplyCyber
      @SimplyCyber  4 years ago

      It's solid to get so much dynamic info quick. Plus I love it for just understanding better how diff malware behaves. I've also used some short videos to show end users what ransomware looks like in reality. Most end users think it's like the movies with crazy effects and stuff, and it's not. Thanks for watching Allen.

  • @gmontenegro9711
    @gmontenegro9711 5 months ago

    Thank you for this content!

  • @barzanahmed7194
    @barzanahmed7194 3 years ago

    Thank you, sir. Please keep going!

  • @vak21
    @vak21 3 years ago +2

    thanks for such a valuable content. Really appreciate it :)

  • @cyriljohns
    @cyriljohns 3 years ago

    Gerald you help many many people!

    • @SimplyCyber
      @SimplyCyber  3 years ago

      I try. Thank you 😊

  • @KiranKdarknightrises
    @KiranKdarknightrises 3 years ago

    Really cool resources.. thanks for your effort in making this video! 👍

    • @SimplyCyber
      @SimplyCyber  3 years ago

      Thanks Kiran! You check them out yet? Which was most interesting?

    • @KiranKdarknightrises
      @KiranKdarknightrises 3 years ago

      @@SimplyCyber Of course the any.run!

  • @Lucas-md8gg
    @Lucas-md8gg 3 years ago +2

    I'm reading Learning Malware Analysis book and the video was good, thanks.

    • @SimplyCyber
      @SimplyCyber  3 years ago +1

      Great book! Seminal text on malware analysis skills

  • @CIPHERFLEX
    @CIPHERFLEX 2 years ago

    This video is a goldmine Gerald

  • @jacksonai1231
    @jacksonai1231 3 years ago

    Great video! Thank you!

  • @buvovo8736
    @buvovo8736 4 years ago +1

    wonderful content, thank you

    • @SimplyCyber
      @SimplyCyber  4 years ago +1

      Thank you Anxhela. I appreciate you taking the time to leave a comment and let me know your thoughts. Have a great day.

  • @brooksthornhill6897
    @brooksthornhill6897 2 years ago

    Wonderful content!

  • @huntercarter2073
    @huntercarter2073 3 years ago +2

    Hello Gerald! I have been watching many of your videos today. I am in the last stage of the hiring process for an excellent cybersec company that I truly want to work for. It is an entry level soc position but I am doing whatever it takes to prepare for those difficult security scenario interview questions. Your channel rocks!

    • @SimplyCyber
      @SimplyCyber  3 years ago +1

      Just seeing this now. I hope it worked out and you got the job! Best wishes.

    • @huntercarter2073
      @huntercarter2073 3 years ago +6

      @@SimplyCyber I got the job! Thanks!

    • @SimplyCyber
      @SimplyCyber  3 years ago +1

      @@huntercarter2073 YES!!!

  • @mayavik1034
    @mayavik1034 3 years ago

    Awesome...just pure awesome...

    • @SimplyCyber
      @SimplyCyber  3 years ago

      Thank you so much 😀

  • @yourjoyousbluet8
    @yourjoyousbluet8 4 years ago +1

    YOU'RE AMAZING!!!

    • @SimplyCyber
      @SimplyCyber  4 years ago

      Thank you Joyous. It's my pleasure. Your kind words made my day.

  • @HelloWorld-gj8by
    @HelloWorld-gj8by 2 years ago +1

    Hi Gerald, could you please make a video about real-time scenarios as a SOC analyst, which we may face in most of the interview questions in the interview process? This will help most of the job seekers.

  • @AravindKumar-nb9vu
    @AravindKumar-nb9vu 3 years ago

    Great done by you thank you

  • @edwardjaycocks5497
    @edwardjaycocks5497 3 years ago

    Very good content that’s why I subscribed even though I’m a professional blue teamer.

    • @SimplyCyber
      @SimplyCyber  3 years ago

      Thanks Edward. Appreciate the support.

  • @chicagofan4eva23
    @chicagofan4eva23 3 years ago +1

    timestamps would be super helpful! Great Video!

    • @SimplyCyber
      @SimplyCyber  3 years ago

      I've started adding them to my videos. Thanks for pointing out this one missing; I'll go back and add them to this one. Appreciate you dropping a comment and watching the content.

  • @nightdevil22666
    @nightdevil22666 3 years ago

    Thanks man

  • @arzoo_singh
    @arzoo_singh 3 years ago

    Amazing tool.

    • @SimplyCyber
      @SimplyCyber  3 years ago +1

      Thanks Arzoo! Tools are critical to being able to do analyst work.

  • @arzoo_singh
    @arzoo_singh 3 years ago +1

    You can also use Remnux and please follow the SOP of securing BIOS and system even if you are using Remnux

    • @SimplyCyber
      @SimplyCyber  3 years ago +1

      Thank you. Need to do a video on Remnux

  • @yusuframdane2221
    @yusuframdane2221 1 year ago

    Perfect ⭐⭐⭐

  • @SuperChelseaSW6
    @SuperChelseaSW6 3 years ago

    Nice vids sir. How do TheHive project and Cortex work when we are dealing with incident response?

    • @SimplyCyber
      @SimplyCyber  3 years ago

      The Hive is a ticketing system so you can coordinate with multiple people and have documentation. Not sure on cortex.

  • @anantP-ip8op
    @anantP-ip8op 11 months ago

    Hey there! 3 years down the line; how do you see future of malware analysis now? There are limited jobs and what's your take on automation in malware analysis domain? Pls assist

  • @nagarajgokarnkar6622
    @nagarajgokarnkar6622 3 years ago +2

    Bro please make a complete videos series /course on soc

    • @SimplyCyber
      @SimplyCyber  3 years ago

      I have a few videos on SOC and about to release one on an amazing Network Defense Range SOC 2-day course I took recently. Stay tuned.

    • @nagarajgokarnkar6622
      @nagarajgokarnkar6622 3 years ago

      @@SimplyCyber thanks sir eagerly waiting
      Please try to do real time threat hunting as well

  • @BenjiBibiza
    @BenjiBibiza 1 year ago

    Great content but would be better in 1080p (720p60 is video max) to be able to read the text on his screen when demonstrating websites or text.

    • @SimplyCyber
      @SimplyCyber  1 year ago

      My newer content is better on production

  • @johnvardy9559
    @johnvardy9559 1 year ago

    Hi Gerard, Yara is important?

  • @Agroth2333
    @Agroth2333 2 years ago

    Do these tips still stand in 2022?

  • @edwardjaycocks5497
    @edwardjaycocks5497 3 years ago

    Are you using the free version or the paid version….Quite a big difference between the two.

  • @someonefromthisworld5199
    @someonefromthisworld5199 2 years ago

    Timestamps pleaseeee

  • @edwardjaycocks5497
    @edwardjaycocks5497 3 years ago

    Oh ya…..I see that the professional version sorry didn’t see the whole video.

    • @SimplyCyber
      @SimplyCyber  3 years ago

      All good Edward. Thanks for all the great comments across the videos. You the man!