awesome-forensics by cugu

A curated list of awesome forensic analysis tools and resources

updated at May 25, 2024, 7:47 p.m.

Unknown languages

167 +0

3,638 +23

593 -1

GitHub
maltrail by stamparm

Malicious traffic detection system

updated at May 25, 2024, 8:13 p.m.

Python

230 +0

5,812 +12

998 +0

GitHub
awesome-threat-intelligence by hslatman

A curated list of Awesome Threat Intelligence resources

updated at May 25, 2024, 8:16 p.m.

Unknown languages

551 +0

7,417 +33

1,408 +2

GitHub
pharos by cmu-sei

Automated static analysis tools for binary programs

updated at May 25, 2024, 9:06 p.m.

C++

77 +0

1,492 +2

184 +0

GitHub
HashCheck by gurnec

HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

updated at May 25, 2024, 9:06 p.m.

C

72 +0

1,696 +1

195 +1

GitHub
al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

updated at May 25, 2024, 9:25 p.m.

C++

238 +0

5,570 +9

1,136 +0

GitHub
Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

updated at May 26, 2024, 1:02 a.m.

C++

26 +0

490 +3

80 +0

GitHub
scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

updated at May 26, 2024, 1:28 a.m.

Shell

43 +0

607 +4

100 +0

GitHub
fibratus by rabbitstack

A modern tool for Windows kernel exploration and tracing with a focus on security

updated at May 26, 2024, 1:36 a.m.

Go

71 -1

2,093 +6

183 +0

GitHub
theZoo by ytisf

A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

updated at May 26, 2024, 4:03 a.m.

Python

814 -2

10,800 +23

2,464 +0

GitHub
Detect-It-Easy by horsicq

Program for determining types of files for Windows, Linux and MacOS.

updated at May 26, 2024, 4:06 a.m.

JavaScript

164 +0

6,702 +26

672 +0

GitHub
flare-vm by mandiant

A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.

updated at May 26, 2024, 4:09 a.m.

PowerShell

200 +2

5,948 +32

873 +2

GitHub
capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

updated at May 26, 2024, 4:09 a.m.

Python

79 +0

3,912 +15

494 +0

GitHub
MISP by MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

updated at May 26, 2024, 4:11 a.m.

PHP

275 +0

5,034 +9

1,346 +1

GitHub
pafish by a0rtega

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do.

updated at May 26, 2024, 4:12 a.m.

C

174 +0

3,111 +6

453 +0

GitHub
flare-floss by mandiant

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

updated at May 26, 2024, 4:12 a.m.

Python

131 +0

3,053 +8

445 +1

GitHub
volatility by volatilityfoundation

An advanced memory forensics framework

updated at May 26, 2024, 4:12 a.m.

Python

307 -1

6,973 +17

1,250 +1

GitHub
bytecode-viewer by Konloch

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

updated at May 26, 2024, 4:15 a.m.

Java

378 +1

14,394 +14

1,132 +1

GitHub
Malware by RPISEC

Course materials for Malware Analysis by RPISEC

updated at May 26, 2024, 4:18 a.m.

Unknown languages

330 +0

3,651 +12

778 +0

GitHub
peframe by guelfoweb

PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

updated at May 26, 2024, 4:42 a.m.

YARA

52 +0

595 +1

142 +0

GitHub