awesome-yara by InQuest

A curated list of awesome YARA rules, tools, and people.

created at Aug. 23, 2017, 6:55 p.m.

170 +0

3,295 +12

468 +1

pafish by a0rtega

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

created at July 1, 2012, 11:06 a.m.

174 +0

3,111 +6

453 +0

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

184 -1

7,268 +10

1,041 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

187 +0

3,254 +0

574 -1

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

200 +2

5,948 +32

873 +2

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

206 +0

5,771 +14

790 +1

data by aptnotes

APTnotes data

created at April 1, 2016, 2:44 p.m.

209 +0

1,620 +1

274 +0

binnavi by google

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

created at Aug. 19, 2015, 12:20 p.m.

221 +0

2,863 +0

452 +0

maltrail by stamparm

Malicious traffic detection system

created at Dec. 4, 2014, 9:33 p.m.

230 +0

5,812 +12

998 +0

al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

created at Nov. 12, 2015, 6:35 p.m.

238 +0

5,570 +9

1,136 +0

mhn by pwnlandia

Modern Honey Network

created at May 28, 2014, 11:35 p.m.

243 +0

2,415 +3

631 +0

MISP by MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

created at Feb. 7, 2013, 5:10 p.m.

275 +0

5,034 +9

1,346 +1

awesome-infosec by onlurking

A curated list of awesome infosec courses and training resources.

created at May 13, 2015, 10:20 p.m.

294 +0

5,008 +9

734 +1

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

302 -1

7,087 +12

1,509 +1

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

307 -1

6,973 +17

1,250 +1

Malware by RPISEC

Course materials for Malware Analysis by RPISEC

created at Jan. 8, 2016, 4:10 p.m.

330 +0

3,651 +12

778 +0

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

349 +0

6,151 +10

1,030 -1

rules by Yara-Rules

Repository of yara rules

created at April 11, 2015, 5:56 a.m.

350 +1

3,993 +8

981 -1

pics by corkami

File formats dissections and more...

created at March 26, 2015, 4:38 p.m.

360 +0

10,337 +4

740 +0

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

368 +0

10,240 +25

1,480 +5