javascript-malware-collection by HynekPetrak

Collection of almost 40.000 javascript malware samples

created at May 7, 2017, 7:17 p.m.

37 +0

632 +0

236 +0

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

52 +0

595 +1

142 +0

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

created at March 30, 2020, 1:52 p.m.

8 +0

158 +1

17 +0

bluepill by season-lab

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

created at Nov. 24, 2019, 9:35 p.m.

9 +0

117 +2

22 -3

ScyllaHide by x64dbg

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

created at Jan. 27, 2016, 5:26 a.m.

87 +0

3,250 +11

407 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

54 +0

2,512 +18

579 +3

Scylla by NtQuery

Imports Reconstructor

created at Sept. 13, 2011, 6:58 p.m.

55 +0

1,027 +2

220 +0

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

513 +0

6,764 +12

2,650 +4

dnSpy by dnSpy

.NET debugger and assembly editor

created at July 1, 2015, 4:05 p.m.

985 +1

25,697 +32

4,936 +13

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

349 +0

6,151 +10

1,030 -1

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

51 +0

904 +2

271 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

192 +0

50 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

created at Jan. 21, 2015, 10:57 p.m.

27 +0

327 +1

59 +0

iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

160 +0

461 +1

116 +0

flare-fakenet-ng by mandiant

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

created at June 27, 2016, 8:46 p.m.

112 +0

1,705 +0

352 -2

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

30 +0

649 +0

123 +0

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

200 +2

5,948 +32

873 +2

capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

created at June 16, 2020, 9:24 p.m.

79 +0

3,912 +15

494 +0

flare-floss by mandiant

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

created at March 2, 2016, 8:16 p.m.

131 +0

3,053 +8

445 +1

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

302 -1

7,087 +12

1,509 +1