inVtero.net: High-speed (Gbps) forensics, memory integrity and assurance. Includes offensive and defensive memory capabilities. Finds and extracts processes and hypervisors (including nested) in memory dumps using microarchitecture-independent Virtual Machine Introspection techniques.
created at April 29, 2011, 4:37 a.m.
ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.
created at May 24, 2016, 5:04 p.m.
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
created at May 6, 2015, 3:11 p.m.
Visualize network topologies and collect graph statistics based on pcap files
created at Jan. 21, 2015, 10:57 p.m.
A Python RESTful API framework for online malware analysis and threat intelligence services.
created at Feb. 27, 2015, 10:43 p.m.
Limon is a sandbox, developed as a research project and written in Python, that automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools.
created at Nov. 21, 2015, 8:37 a.m.
Robust ABC (ActionScript Bytecode) [Dis-]Assembler
created at May 5, 2010, 7:23 a.m.
Linker/Compiler/Tool detector for Windows, Linux and MacOS.
created at Nov. 29, 2018, 2:28 p.m.
Defanged Indicator of Compromise (IOC) Extractor.
created at April 17, 2018, 5:37 p.m.
Machinae Security Intelligence Collector
created at July 6, 2015, 3:14 p.m.