Aerie from Hawk Eye: Tools for Malware Testers

Trident

From Hawk Eye
Thread author
Verified
Top Poster
Developer
Well-known
Feb 7, 2023
4,341
28,144
5,289
hea-p.com
As promised earlier on today, the platform that I use for testing is now live.

Meet Aerie - I am hoping it will help malware testers be more productive.

After creating an account with very few details, this is your dashboard.

1783711082658.png


Phishing list
1783711109301.png


Malware URL list
1783711164766.png


Plus custom additions

Everything can be checked against sandboxes and threat sources
1783711259355.png

1783711299428.png

1783711342471.png


And last but not least - collaborative testing.
1783711722235.png


Everyone can start a campaign and add the threat set. Other users then request to join the testing subject to approval, and report their results

1783711787673.png


The platform is enriched with my signature OrbitUX.


Unfortunately, due to licensing and payment per request, I am unable to include all sources that the original platform uses.

Enjoy!
 
As promised earlier on today, the platform that I use for testing is now live.

Meet Aerie - I am hoping it will help malware testers be more productive.

After creating an account with very few details, this is your dashboard.

View attachment 298742

Phishing list
View attachment 298743

Malware URL list
View attachment 298744

Plus custom additions

Everything can be checked against sandboxes and threat sources
View attachment 298745
View attachment 298746
View attachment 298747

And last but not least - collaborative testing.
View attachment 298748

Everyone can start a campaign and add the threat set. Other users then request to join the testing subject to approval, and report their results

View attachment 298749

The platform is enriched with my signature OrbitUX.


Unfortunately, due to licensing and payment per request, I am unable to include all sources that the original platform uses.

Enjoy!
Thank you for your efforts Trident. Does the platform fetch malicious URLs in real-time?

And regarding malicious samples, does it fetch that too?
 
  • Thanks
Reactions: Trident
Thank you for your efforts Trident. Does the platform fetch malicious URLs in real-time?

And regarding malicious samples, does it fetch that too?
It does fetch yes.

There is still room for improvement, as well as a bit of filtering and stuff (which I have on my end but I need to figure out how to make easy).
 
  • Like
Reactions: Jonny Quest
It does fetch yes.

There is still room for improvement, as well as a bit of filtering and stuff (which I have on my end but I need to figure out how to make easy).
I mean does it fetch live, zero-day malicious URLs and samples in real time? Those might contain raw, and maybe static and dead samples, for now?

I am geniunly trying to understand how this works. Is it a script or api wrapping that fetches samples from sth like MalwareBazaar?
 
  • Like
Reactions: Trident
I mean does it fetch live, zero-day malicious URLs and samples in real time? Those might contain raw, and maybe static and dead samples, for now?

I am geniunly trying to understand how this works. Is it a script or api wrapping that fetches samples from sth like MalwareBazaar
It fetches from repositories and feeds and allows you to double check what’s malicious within the platform using filescan.io dynamic emulator and VirusTotal. You can also manually fetch samples and run them through checks. I an integrating hybrid analysis as well at the moment.

For most of the checks you do not need to bring your own api keys. The only API key needed is for VirusTotal.
 

You may also like...