Tool to gather Threat Intelligence indicators from publicly available sources
updated at May 21, 2024, 8:05 p.m.
Checks with NSRL RDS servers looking for hash matches
updated at May 22, 2024, 1:50 a.m.
A Python library and command line tools to provide interactive log visualization.
updated at May 22, 2024, 2:57 a.m.
C++ application that uses memory and code hooks to detect packers
updated at May 22, 2024, 3:08 a.m.
BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
updated at May 22, 2024, 3:12 a.m.
hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols
updated at May 22, 2024, 3:38 a.m.
Limon is a sandbox, developed as a research project and written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools.
updated at May 22, 2024, 6:44 a.m.
Visualize network topologies and collect graph statistics based on pcap files
updated at May 23, 2024, 5:08 a.m.
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
updated at May 23, 2024, 12:05 p.m.
Machinae Security Intelligence Collector
updated at May 23, 2024, 6:38 p.m.