Cuckoo Sandbox Reviews

Burp Suite Reviews

Cuckoo Sandbox mentions (18)

• How to analyze malicious PDF?

  You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: about 1 year ago

• "PDF".exe pwns my user, but how exactly?

  You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: about 1 year ago

• Exist a way, that can tell X file that I want to download not contain any malicious file?

  You could use a service like cuckoo to check links/files. Source: over 1 year ago

• Best practices for malware analysis and securing the environment you're testing in.

  I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago

• Sandbox?

  Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago

Burp Suite mentions (13)

• OWASP Dependency Check in Node js 🛡️

  In addition, tools such as snyk or burp can be used to control the dependencies of a project. - Source: dev.to / 4 days ago

• How do I by pass two step verification?

  Check https://portswigger.net, they have learning material and labs about this topic. Source: over 1 year ago

• I want to make a website with django. What are best courses/syllabus for it?

  I ask about serving websites because understanding how a web server works (very basically) with a browser or any client is a huge step in understanding HTTP, host headers, and even host header attacks (if you're into that sort of thing.. As an aside I did a quick google search and https://portswigger.net/ showed up.. Apparently they have interactive labs and very informative documentation on various attack... Source: almost 2 years ago

• How to get better at CTFs?

  As you are quite new to the hobby, I would definitely recommend you go to portswigger.net academy. They give you a quite thorough understanding in all the fundamentals and they have labs set up where you can practice everything you learn at each step. The best part is you can learn at your own pace and it's all free. Source: almost 2 years ago

• Intercept android app traffic in Burp Suite: From root to hack [ULTIMATE GUIDE for bug hunters]

  Connect your PC (with Burp Suite installed) and Android to the same network. > Note — Here my PC’s IP is 192.168.43.20 and Android’s IP is 192.168.43.180. - Source: dev.to / almost 2 years ago