🖥️ Binary Analysis
🪟 Windows
- pestudio – Static analysis tool for Windows executables
- PEiD – Identifies packers used in Windows binaries
- Procmon.exe (Sysinternals) – Monitors API calls, registry changes, and file system activity
- Sysmon.exe (Sysinternals) – Tracks executable behavior and logs security events
🐧 Linux
- binwalk – Analyzes headers, magic numbers, and embedded files
🌐 Network Analysis
- Suricata – Intrusion Detection System (IDS) and network traffic analysis
- Snort – Open-source IDS for real-time traffic analysis
- NetworkMiner (Paid) – Packet capture (PCAP) analysis tool
- PacketLife – Collection of tcpdump and Wireshark filters
- Moloch – Full packet capture and indexing system
📱 Mobile Analysis
- MVT (Mobile Verification Toolkit) – Mobile forensics toolset for iOS and Android
🎣 Phishing Analysis
- ThePhish – Automated phishing email analysis