SOC Analyst Reference Links
Curated resources for IP, URL, domain, and phone number reputation checks, as well as threat intelligence and malware analysis.
IP Checker
| Name | Description | Link |
| Spur.us | Threat analysis of IP addresses | Visit |
| AbuseIPDB | IP reputation database | Visit |
| Cisco Talos | IP and domain reputation lookup | Visit |
| FeodoTracker | Browse Botnet C&Cs | Visit |
| IPQualityScore | IP reputation scoring | Visit |
| RST Cloud | IP/domain reputation lookup | Visit |
| VirusTotal | IP checker with history and analysis | Visit |
| Tor Relay | relay operator | Visit |
URL Checker
| Name | Description | Link |
| VirusTotal | Multi-engine URL scanning | Visit |
| UrlHaus | URL scanning database | Visit |
| Browserling | Online report url database | Visit |
| urlquery.net | Website scanning and screenshot | Visit |
| Google Safe Browsing | URL safety and phishing check | Visit |
| PhishTank | Community-driven phishing URL database | Visit |
| Sucuri SiteCheck | Website malware and security scan | Visit |
| Browserling | Online browser testing for URL accessibility | Visit |
Domain Checker
| Name | Description | Link |
| Whois Lookup | Domain ownership and registration details | Visit |
| AlienVault | Domain Checker Website & Others | Visit |
| Cisco Talos | Domain and IP reputation | Visit |
| MXToolbox | Domain health, DNS, and blacklist checks | Visit |
| ThreatFox | You are browsing the Indicator Of Compromise (IOC) database of ThreatFox | Visit |
| SSL Blacklist | Here you can browse all malicious SSL certificates | Visit |
| DomainTools | Advanced domain research and monitoring | Visit |
MAC Address Checker
| Name | Description | Link |
| MAC Vendors | MAC address vendor lookup | Visit |
| IEEE OUI Lookup | Official IEEE MAC address registry | Visit |
| DNSChecker MAC Lookup | MAC address search with vendor info | Visit |
| Miniweb Tool MAC Lookup | Quick MAC vendor lookup | Visit |
Website Scanner
| Name | Description | Link |
| Wayback Machine | View historical snapshots of websites | Visit |
| Sucuri SiteCheck | Malware, blacklist, and website security scan | Visit |
| Pentest-Tools | Online vulnerability scanner and security testing | Visit |
| Detectify | Automated website vulnerability scanning | Visit |
| ImmuniWeb | Website security, SSL/TLS, and privacy scanning | Visit |
| UpGuard Web Scan | Website risk assessment and security rating | Visit |
| Observatory Mozilla | Security and best practices scanner for web services | Visit |
| Qualys SSL Labs | SSL/TLS configuration testing | Visit |
| Security Headers | Check if the website has secure headers | Visit |
Email Checker
| Name | Description | Link |
| SpamHaus | Checks if an email domain or IP is listed for spamming | Visit |
| Apivoid | Email reputation, blacklist and security checks | Visit |
| Talos | Cisco Talos email reputation and domain intelligence | Visit |
| Mailmeteor | Free tool to analyze and check email domain reputation | Visit |
| Phishtool | Nice tool to upload and investigate emails | Visit |
Number Reputation Checker
| Name | Description | Link |
| Truecaller | Phone number reputation and lookup | Visit |
| WhoCallsMe | Community-reported phone number directory | Visit |
| CallerSmart | Phone number search and spam protection | Visit |
| Whitepages | Reverse phone lookup and caller ID | Visit |
| SpamCalls.net | Global spam call and robocall database | Visit |
Malware Analysis
| Name | Description | Link |
| VirusTotal | Multi-engine file and URL scanning | Visit |
| Malware Bazaar | Database with malware investigations | Visit |
| MalPedia | A wikipedia for malwares | Visit |
| Hybrid Analysis | Static and dynamic malware analysis | Visit |
| Intezer Analyze | Code genome malware analysis | Visit |
| Any.Run | Interactive malware sandbox | Visit |
| file.net | Containes all windows applications | Visit |
| Joe | Malware sundbox analysis tool | Visit |
| Name | Description | Link |
| CyberChef | Encode/Decode, crypto, parsing, forensics | Visit |
| Base64Decode.org | Simple Base64 encoder/decoder | Visit |
| URLDecoder.org | URL encode/decode | Visit |
| FreeFormatter HTML Entities | HTML entities encode/decode | Visit |
| Online Unicode Tools | UTF-8/Unicode ↔ text conversions | Visit |
| JWT.io | Decode/inspect JSON Web Tokens | Visit |
| SSL Certificate Decoder | Decode X.509/CSR/PEM | Visit |
| Lapo ASN.1 Decoder | Parse/inspect ASN.1 DER/BER | Visit |
| CrackStation | Lookup/decrypt hashes using large DB/wordlists | Visit |
| Hashes.com | Hash identifier & decrypt database | Visit |
| MD5Decrypt | Decrypt MD5/SHA/NTLM via database | Visit |
| TunnelsUp Hash Analyzer | Identify hash type by pattern | Visit |
| HashToolKit | Identify & "decrypt" common hashes | Visit |
| Exif.tools | View/extract EXIF metadata | Visit |
| Aperisolve | Auto image analysis (layers/strings/exif/stego) | Visit |
| StegOnline | LSB & common stego operations in browser | Visit |
| Hexed.it | Online hex editor/inspector | Visit |
| obf-io | Online Obfuscator/Deobfuscator (Javascript) | Visit |
| srihash.org | SRI Hash Generator | Visit |