{"id":68,"date":"2018-01-13T16:17:00","date_gmt":"2018-01-13T16:17:00","guid":{"rendered":"http:\/\/malwrforensics.com\/en\/?page_id=68"},"modified":"2018-01-14T04:39:50","modified_gmt":"2018-01-14T04:39:50","slug":"links","status":"publish","type":"page","link":"https:\/\/malwrforensics.com\/en\/links\/","title":{"rendered":"Links"},"content":{"rendered":"\n<table id=\"tablepress-5\" class=\"tablepress tablepress-id-5\">\n<thead>\n<tr class=\"row-1\">\n\t<th class=\"column-1\">Description<\/th><th class=\"column-2\">Link<\/th>\n<\/tr>\n<\/thead>\n<tbody class=\"row-striping row-hover\">\n<tr class=\"row-2\">\n\t<td class=\"column-1\">Fysbis detection tool<\/td><td class=\"column-2\"><a href=\"https:\/\/github.com\/asaygo\/fysbis_detect\" rel=\"noopener\" target=\"_blank\">github<\/a><\/td>\n<\/tr>\n<tr class=\"row-3\">\n\t<td class=\"column-1\">Forensic Artefacts Extractor<\/td><td class=\"column-2\"><a href=\"https:\/\/github.com\/asaygo\/cybsecintel\/blob\/master\/faextr_win.py\" rel=\"noopener\" target=\"_blank\">github<\/a><\/td>\n<\/tr>\n<tr class=\"row-4\">\n\t<td class=\"column-1\">File format fuzzer<\/td><td class=\"column-2\"><a href=\"https:\/\/github.com\/asaygo\/malwrforensics\/blob\/master\/scripts\/fileformatgen.py\" rel=\"noopener\" target=\"_blank\">github<\/a><\/td>\n<\/tr>\n<tr class=\"row-5\">\n\t<td class=\"column-1\">FTP server command fuzzer<\/td><td class=\"column-2\"><a href=\"https:\/\/github.com\/asaygo\/malwrforensics\/blob\/master\/scripts\/ftpfuzz.py\" rel=\"noopener\" target=\"_blank\">github<\/a><\/td>\n<\/tr>\n<tr class=\"row-6\">\n\t<td class=\"column-1\">Volatility<\/td><td class=\"column-2\"><a href=\"http:\/\/www.volatilityfoundation.org\/#!24\/c12wa\" rel=\"noopener\" target=\"_blank\">download page<\/a><\/td>\n<\/tr>\n<tr class=\"row-7\">\n\t<td class=\"column-1\">drMemory (including drstrace -> strace for Windows)<\/td><td class=\"column-2\"><a href=\"https:\/\/github.com\/DynamoRIO\/drmemory\/wiki\/Downloads\" 
rel=\"noopener\" target=\"_blank\">download page<\/a><\/td>\n<\/tr>\n<tr class=\"row-8\">\n\t<td class=\"column-1\">DumpIT - physical memory acquisition tool<\/td><td class=\"column-2\"><a href=\"http:\/\/www.moonsols.com\/2011\/07\/18\/moonsols-dumpit-goes-mainstream\/\" rel=\"noopener\" target=\"_blank\">download page<\/a><\/td>\n<\/tr>\n<tr class=\"row-9\">\n\t<td class=\"column-1\">System Call Table - SSDT<\/td><td class=\"column-2\"><a href=\"http:\/\/j00ru.vexillium.org\/ntapi\/\" rel=\"noopener\" target=\"_blank\">link<\/a><\/td>\n<\/tr>\n<tr class=\"row-10\">\n\t<td class=\"column-1\">Manually remove macro password (hint: search for \"DPB=\" and replace it with \"DP?=\")<\/td><td class=\"column-2\"><a href=\"http:\/\/enigma0x3.net\/2015\/03\/18\/removing-the-password-from-malicious-vba-projects\/\" rel=\"noopener\" target=\"_blank\">link<\/a><\/td>\n<\/tr>\n<tr class=\"row-11\">\n\t<td class=\"column-1\">SQL injection cheat sheet<\/td><td class=\"column-2\"><a href=\"https:\/\/www.netsparker.com\/blog\/web-security\/sql-injection-cheat-sheet\/\" rel=\"noopener\" target=\"_blank\">link<\/a><\/td>\n<\/tr>\n<tr class=\"row-12\">\n\t<td class=\"column-1\">XSS evasion cheat sheet<\/td><td class=\"column-2\"><a href=\"https:\/\/www.owasp.org\/index.php\/XSS_Filter_Evasion_Cheat_Sheet\" rel=\"noopener\" target=\"_blank\">link<\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<!-- #tablepress-5 from cache -->\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-68","page","type-page","status-publish","hentry"],"blocksy_meta":{"styles_descriptor":{"styles":{"desktop":"","tablet":"","mobile":""},"google_fonts":[]}},"featured_image_urls_v2":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":""},"post_excerpt_stackable_v2":"<p>DescriptionLink Fysbis detection 
toolgithub Forensic Artefacts Extractorgithub File format fuzzergithub FTP server command fuzzergithub Volatilitydownload page drMemory (including drstrace -> strace for Windows)download page DumpIT &#8211; physical memory acquisition tooldownload page System Call Table &#8211; SSDTlink Manually remove macro password (hint: search for &#8220;DPB=&#8221; and replace it with &#8220;DP?=&#8221;)link SQL injection cheat sheetlink XSS evasion cheat sheetlink<\/p>\n","category_list_v2":"","author_info_v2":{"name":"malwrforensics","url":"https:\/\/malwrforensics.com\/en\/author\/u_malwrforensics\/"},"comments_num_v2":"0 comments","_links":{"self":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/pages\/68","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/comments?post=68"}],"version-history":[{"count":2,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/pages\/68\/revisions"}],"predecessor-version":[{"id":72,"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/pages\/68\/revisions\/72"}],"wp:attachment":[{"href":"https:\/\/malwrforensics.com\/en\/wp-json\/wp\/v2\/media?parent=68"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}