Cuckoo Sandbox might be a bit more popular than Burp Suite. We know about 18 links to it since March 2021 and only 13 links to Burp Suite. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: about 1 year ago
You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: about 1 year ago
You could use a service like cuckoo to check links/files. Source: over 1 year ago
I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago
Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago
In addition, tools such as snyk or burp can be used to control the dependencies of a project. - Source: dev.to / 4 days ago
Check https://portswigger.net, they have learning material and labs about this topic. Source: over 1 year ago
I ask about serving websites because understanding how a web server works (very basically) with a browser or any client is a huge step in understanding HTTP, host headers, and even host header attacks (if you're into that sort of thing.. As an aside I did a quick google search and https://portswigger.net/ showed up.. Apparently they have interactive labs and very informative documentation on various attack... Source: almost 2 years ago
As you are quite new to the hobby, I would definitely recommend you go to portswigger.net academy. They give you a quite thorough understanding in all the fundamentals and they have labs set up where you can practice everything you learn at each step. The best part is you can learn at your own pace and it's all free. Source: almost 2 years ago
Connect your PC (with Burp Suite installed) and Android to the same network. > Note — Here my PC’s IP is 192.168.43.20 and Android’s IP is 192.168.43.180. - Source: dev.to / almost 2 years ago
Any.Run - Interactive malware hunting service. Any environments ready for live testing most type of threats.
Nessus - Nessus Professional is a security platform designed for businesses who want to protect the security of themselves, their clients, and their customers.
Sandboxie - Sandboxie is a program for Windows that is designed to allow the user to isolate individual programs on the hard drive.
Qualys - Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.
VirusTotal - VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick...
OpenVAS - The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools...