{"id":4644,"date":"2023-03-31T12:42:58","date_gmt":"2023-03-31T12:42:58","guid":{"rendered":"\/cybersecurity-blog\/?page_id=4644"},"modified":"2026-06-09T13:06:21","modified_gmt":"2026-06-09T13:06:21","slug":"guides","status":"publish","type":"page","link":"https:\/\/any.run\/cybersecurity-blog\/guides\/","title":{"rendered":"Guides and Tutorials"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<script data-wp-block-html=\"js\">\n\/\/ Select the entry header element\nconst entryHeader = document.querySelector('.entry-header');\n\n\/\/ Set the inner HTML of the entry header to a new h1 element\nentryHeader.innerHTML = `<h1 class=\"entry-title\">Guides and Tutorials<\/h1>`;\n\n\/\/ Create a new h2 element with the desired content and class\nconst newH2 = document.createElement('h2');\nnewH2.textContent = 'Useful articles from around the blog \u2014 all\u00a0in\u00a0one\u00a0place';\nnewH2.classList.add('guides-page__subheading');\n\n\/\/ Insert the new h2 element after the entry header\nentryHeader.insertAdjacentElement('afterend', newH2);\n<\/script>\n\n<div class=\"guides-page__content\">\n\n  <h2 class=\"guides-page__section-title\">First steps in ANY.RUN<\/h2>\n\n  <div class=\"guides-page__card-list\">\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_flag.jpg\" alt=\"Start here\">\n\n      <h3 class=\"guides-page__card-title\">Start here<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/how-to-use-anyrun\/\">\n            How to use ANY.RUN Sandbox\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\">\n            Threat Intelligence with ANY.RUN Lookup\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/teamwork\/\">\n            Setting up your team\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/indicators-tags\/\">\n            Tags and indicators\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_glass.jpg\" alt=\"Intro to malware analysis\">\n\n      <h3 class=\"guides-page__card-title\">Intro to malware analysis<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/interactive-malware-analysis\/\">\n            What is interactive analysis\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/malware-detection-guide\/\">\n            Basics of malware detection\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/retrospective-malware-analysis\/\">\n            Retrospective analysis and detection\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/detection-with-suricata-ids\/\">\n            ANY.RUN and Suricata\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/malware-analysis-report\/\">\n            Creating malware reports\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n  <\/div>\n\n  <h2 class=\"guides-page__section-title\">ANY.RUN essentials<\/h2>\n\n  <div class=\"guides-page__card-list\">\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_flask.jpg\" alt=\"Extracting in-depth data\">\n\n      <h3 class=\"guides-page__card-title\">Extracting in-depth data<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/indicators-of-compromise\/\">\n            Collecting IOCs\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/malware-details\/\">\n            Examining process details\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/malware-configuration\/\">\n            Quick access to malware configs\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/mitre-attack\/\">\n            ATT&amp;CK matrix in ANY.RUN\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_user.jpg\" alt=\"Network tools\">\n\n      <h3 class=\"guides-page__card-title\">Network tools<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/analyzing-the-network-stream\/\">\n            Analyzing the network stream\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/mitm-proxy-fake-net\/\">\n            MITM proxy\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/open-directories\/\">\n            Extracting data from open directories\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n  <\/div>\n\n  <h2 class=\"guides-page__section-title\">Threat intelligence and real-world usage<\/h2>\n\n  <div class=\"guides-page__card-list\">\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_magnet.jpg\" alt=\"Collecting threat data\">\n\n      <h3 class=\"guides-page__card-title\">Collecting threat data<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\">\n            Finding linked indicators in ANY.RUN TI Lookup\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/malware-statistics-and-trends\/\">\n            Tracking popular malware\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/free-malware-samples-reports\/\">\n            Downloading samples from our database\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n\n    <article class=\"guides-page__card\">\n      <img decoding=\"async\" class=\"guides-page__card-image\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2025\/09\/guides_lightbulb.jpg\" alt=\"Applying your knowledge\">\n\n      <h3 class=\"guides-page__card-title\">Applying your knowledge<\/h3>\n\n      <ul class=\"guides-page__link-list\">\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/introduction-to-malware-analysis\/\">\n            Analyzing IcedID\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/top-recent-malware-cases\/\">\n            How we solved 3 malware cases with ANY.RUN\n          <\/a>\n        <\/li>\n        <li class=\"guides-page__link-item\">\n          <a class=\"guides-page__link\" target=\"_blank\" rel=\"noopener\" href=\"https:\/\/any.run\/cybersecurity-blog\/using-sandbox-for-incident-response\/\">\n            Using a sandbox for incident response\n          <\/a>\n        <\/li>\n      <\/ul>\n    <\/article>\n  <\/div>\n\n  <div class=\"guides-page__cta\">\n    <p class=\"guides-page__cta-text\">\n      Didn&#8217;t find what you were looking for? Reach out to our friendly support&nbsp;team\n    <\/p>\n\n    <a class=\"guides-page__cta-link\" id=\"blog-help-center-btn\" href=\"https:\/\/app.any.run\/contact-us\" target=\"_blank\" rel=\"noopener\">\n      Get help\n    <\/a>\n  <\/div>\n\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>First steps in ANY.RUN Start here How to use ANY.RUN Sandbox Threat Intelligence with ANY.RUN Lookup Setting up your team Tags and indicators Intro to malware analysis What is interactive analysis Basics of malware detection Retrospective analysis and detection ANY.RUN and Suricata Creating malware reports ANY.RUN essentials Extracting in-depth data Collecting IOCs Examining process details [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":21364,"parent":0,"menu_order":5,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-4644","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Guides and Tutorials<\/title>\n<meta name=\"description\" content=\"We&#039;ve collected useful articles from around the blog \u2014 all in one place. Check out ANY.RUN&#039;s help center and enjoy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/guides\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/\",\"name\":\"Guides and Tutorials\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Help-Center-cover.webp\",\"datePublished\":\"2023-03-31T12:42:58+00:00\",\"dateModified\":\"2026-06-09T13:06:21+00:00\",\"description\":\"We've collected useful articles from around the blog \u2014 all in one place. Check out ANY.RUN's help center and enjoy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/#primaryimage\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Help-Center-cover.webp\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/Help-Center-cover.webp\",\"width\":1440,\"height\":680},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/guides\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides and Tutorials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/any.run\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\\\/\\\/any.run\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/any.run\\\/\",\"url\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\\\/\\\/any.run\\\/cybersecurity-blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\\\/\\\/any.run\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/www.any.run\\\/\",\"https:\\\/\\\/x.com\\\/anyrun_app\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/30692044\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCOgCPho7lzmH7m6fPNlukrQ\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Guides and Tutorials","description":"We've collected useful articles from around the blog \u2014 all in one place. Check out ANY.RUN's help center and enjoy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/guides\/","twitter_misc":{"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/","url":"https:\/\/any.run\/cybersecurity-blog\/guides\/","name":"Guides and Tutorials","isPartOf":{"@id":"https:\/\/any.run\/"},"primaryImageOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/#primaryimage"},"image":{"@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/#primaryimage"},"thumbnailUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/06\/Help-Center-cover.webp","datePublished":"2023-03-31T12:42:58+00:00","dateModified":"2026-06-09T13:06:21+00:00","description":"We've collected useful articles from around the blog \u2014 all in one place. Check out ANY.RUN's help center and enjoy.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/guides\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/#primaryimage","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/06\/Help-Center-cover.webp","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/06\/Help-Center-cover.webp","width":1440,"height":680},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/guides\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Guides and Tutorials"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/x.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/pages\/4644","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=4644"}],"version-history":[{"count":69,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/pages\/4644\/revisions"}],"predecessor-version":[{"id":21542,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/pages\/4644\/revisions\/21542"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/21364"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=4644"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}