Thomas Roccia

Summary

The website presents a collection of Jupyter Notebooks focused on malware analysis, threat intelligence, and reverse engineering, maintained and periodically updated by a security expert.

Abstract

The website content introduces "My Jupyter Collection," a curated selection of Jupyter Notebooks utilized for various security-related tasks such as analysis, threat intelligence, and creating workflows. The author, who actively works with Jupyter notebooks, shares these resources on a GitHub page and occasionally updates the collection. The notebooks cover a range of topics including using MSTICpy for Malware Bazaar API queries, leveraging Python for malware analysis and reverse engineering, analyzing the Conti Leaks for threat intelligence, and extracting indicators of compromise (IOCs) from threat reports. Additionally, the author explores malware similarities and has presented their work at the 2022 Jupyterthon conference. The website also includes blog links, presentation slides, and a call to action for readers to follow the author on Twitter or Medium, and consider a Medium membership to support the author's community projects.

Opinions

  • The author expresses enthusiasm for Jupyter notebooks, emphasizing their daily use and the value they bring to analysis and workflow creation.
  • There is a clear appreciation for the MSTICpy library, as it is featured in multiple notebooks for tasks like querying Malware Bazaar, extracting IOCs, and hunting domain relationships.
  • The author believes in the importance of sharing knowledge and resources within the threat intelligence community, as evidenced by the public GitHub page and the presentation at Jupyterthon.
  • By encouraging readers to follow them on social media and consider a Medium membership, the author shows a commitment to ongoing content creation and community engagement.
  • The inclusion of a variety of notebooks and topics suggests the author's dedication to comprehensive and practical approaches to malware analysis and threat intelligence.

My Jupyter Collection


I work with Jupyter notebooks on a daily basis for analysis, threat intelligence and creating workflows! I created a GitHub page to share some of them! I update it periodically! This thread was originally posted on Twitter and saved here! 🤓

jupyter-collection | Collection of Jupyter Notebooks by @fr0gger_ (securitybreak.io)

“Malware Bazaar Lookup with MSTICpy” is a notebook that demonstrates the usage of MSTICpy for querying Malware Bazaar API. 🛠️

“10 Python Libraries for Malware Analysis and Reverse Engineering” is a notebook that demonstrates how to use Python for malware analysis and RE! More detail on my blog!

“Using Python to unearth a goldmine of threat intelligence from leaked chat logs” is a notebook that explores the Conti Leaks and shows a complete process for analysing the data. I wrote a blog about it! 🤓

“VT Hunting Domain Relationship using MSTICpy” is a notebook that shows how to use MSTICpy and VirusTotal to extract domain relationships and pivot to other relations (samples, domains, URLs…).

“Extracting Indicators of Compromise from Threat Reports using MSTICpy” is another notebook that uses MSTICpy to quickly extract IOCs from a blog post!👌
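As an added illustration of what IOC extraction from a write-up involves (this is not the notebook's code and does not use MSTICpy's extractor; it is a small regex-based extractor with a constructed, fictitious report excerpt), the block below refangs the usual `hxxp` / `[.]` obfuscation, pulls URLs, domains, IPv4 addresses and hashes, and discards octets that cannot be part of a real address:

```python
import re
from urllib.parse import urlparse

# Constructed excerpt of a threat report. Every indicator here is fictitious
# (reserved .test TLD, documentation IP range, made-up hash values).
REPORT = """
Initial access via a malicious document; the loader beacons to
hxxp://update[.]example-c2[.]test/gate.php and later resolves cdn[.]example-c2[.]test.
Second-stage traffic goes to 203[.]0[.]113[.]45 on TCP/8443 (note: 999.1.1.1 is a typo, not an IP).
Dropper SHA256: 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
Dropper MD5:    deadbeefdeadbeefdeadbeefdeadbeef
"""

# Common "defanging" conventions found in public reports and how to undo them.
DEFANG_MAP = [("hxxp", "http"), ("hXXp", "http"), ("[.]", "."),
              ("(.)", "."), ("[:]", ":"), ("[://]", "://")]

URL_RE = re.compile(r"\bhttps?://[^\s'\"<>)\]]+", re.I)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
SHA256_RE = re.compile(r"\b[0-9a-f]{64}\b", re.I)
MD5_RE = re.compile(r"\b[0-9a-f]{32}\b", re.I)


def refang(text: str) -> str:
    """Turn defanged indicators back into their real form."""
    for defanged, real in DEFANG_MAP:
        text = text.replace(defanged, real)
    return text


def extract_iocs(text: str) -> dict:
    """Return sorted, de-duplicated indicators grouped by type."""
    text = refang(text)
    iocs = {"url": set(), "domain": set(), "ipv4": set(), "sha256": set(), "md5": set()}

    # URLs first: their hostnames count as domains, and the URL path must not be
    # re-scanned as a domain (e.g. "gate.php" would otherwise look like one).
    for m in URL_RE.finditer(text):
        url = m.group().rstrip(".,;")
        iocs["url"].add(url)
        host = urlparse(url).hostname
        if host:
            iocs["domain"].add(host.lower())
    remaining = URL_RE.sub(" ", text)

    # IPv4 candidates are validated so that "999.1.1.1" is not reported.
    for m in IPV4_RE.finditer(remaining):
        if all(0 <= int(octet) <= 255 for octet in m.group().split(".")):
            iocs["ipv4"].add(m.group())

    for m in DOMAIN_RE.finditer(remaining):
        iocs["domain"].add(m.group().lower())
    # \b on both sides keeps a 64-hex SHA256 from also matching as a 32-hex MD5.
    for m in SHA256_RE.finditer(remaining):
        iocs["sha256"].add(m.group().lower())
    for m in MD5_RE.finditer(remaining):
        iocs["md5"].add(m.group().lower())

    return {kind: sorted(values) for kind, values in iocs.items()}


if __name__ == "__main__":
    for kind, values in extract_iocs(REPORT).items():
        print(kind, values)
```

The domain regex is deliberately loose, so in practice the output is worth checking against a TLD list before it is fed into blocklists or hunting queries; the point of the example is the order of operations (refang, take URLs out, then scan what is left) rather than the individual patterns.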

“Strings Similarity Experimentation” is a notebook that experiments with putting malware similarities between samples in perspective, using the extracted strings and the Jaccard distance! 🧑‍🔬
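To show the technique that notebook builds on, here is an added example (not the notebook's own code) that extracts printable strings from three constructed byte blobs standing in for samples, treats each sample's strings as a set, and scores every pair with the Jaccard distance, so that a low distance flags samples worth comparing further:

```python
import re
from itertools import combinations

# Constructed stand-ins for sample file contents; in real use these would be the
# raw bytes of the files under analysis. Two share an import set and a URL, the
# third is an unrelated ELF-like blob. The URL uses the reserved .invalid TLD.
SAMPLES = {
    "sample_a": (b"\x00\x01MZ\x90\x00kernel32.dll\x00\x00CreateFileW\x00\x00"
                 b"http://example.invalid/c2\x00\x00\xff\xfeGetProcAddress\x00"),
    "sample_b": (b"\x00MZ\x00\x00kernel32.dll\x00CreateFileW\x00"
                 b"http://example.invalid/c2\x00VirtualAlloc\x00"),
    "sample_c": b"\x7fELF\x00libc.so.6\x00puts\x00/bin/sh\x00socket\x00",
}


def extract_strings(data: bytes, min_len: int = 4) -> set:
    """Printable-ASCII runs of at least min_len bytes, like the `strings` tool."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return {m.group().decode("ascii") for m in pattern.finditer(data)}


def jaccard_similarity(a: set, b: set) -> float:
    """|A ∩ B| / |A ∪ B|; two empty sets are treated as identical."""
    if not a and not b:
        return 1.0
    return len(a & b) / len(a | b)


def jaccard_distance(a: set, b: set) -> float:
    return 1.0 - jaccard_similarity(a, b)


def pairwise_distances(samples: dict) -> dict:
    """Jaccard distance for every unordered pair of samples, keyed by name pair."""
    strings = {name: extract_strings(data) for name, data in samples.items()}
    return {(x, y): jaccard_distance(strings[x], strings[y])
            for x, y in combinations(samples, 2)}


def related_pairs(samples: dict, max_distance: float = 0.5) -> list:
    """Pairs whose string sets are close enough to deserve a closer look."""
    return sorted(pair for pair, d in pairwise_distances(samples).items()
                  if d <= max_distance)


if __name__ == "__main__":
    for pair, d in pairwise_distances(SAMPLES).items():
        print(f"{pair[0]} vs {pair[1]}: distance={d:.2f}")
    print("related:", related_pairs(SAMPLES))
```

With these inputs `sample_a` and `sample_b` share three of five distinct strings (distance 0.4) while `sample_c` shares none with either (distance 1.0). The 0.5 threshold is arbitrary; strings that appear in almost every sample of a given format (library names, CRT messages) inflate similarity and are usually filtered out before the sets are compared.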

I also did a presentation at the 2022 Jupyterthon conference about the use of Jupyter Notebook for threat intelligence sharing. You can find the slides and the talks below.

That’s all! I hope you find them useful; I update the collection regularly so stay tuned for the next one! 🤓

You can follow me on Twitter @fr0gger_ or on Medium for more stuff such as this one. ❤

Consider becoming a Medium member if you appreciate my content and want to help me as a writer. It costs $5 per month and gives you unlimited access to Medium content. I’ll get a little commission if you sign up via my link, and that will help support my community projects. Thanks!🤓

Jupyter Notebook
Python Programming
Threat Intelligence
Threat Hunting
Msticpy