evolve by JamesHabben
Web interface for the Volatility Memory Forensics Framework
updated at April 4, 2024, 10:44 p.m. | JavaScript | 38 / 259 / 42

hpfeeds by hpfeeds
Honeynet Project generic authenticated datafeed protocol
updated at April 8, 2024, 2:49 a.m. | Python | 30 / 208 / 110

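The authenticated handshake that the hpfeeds entry refers to, shown from both sides as an added example (this is not code from the hpfeeds repository). It assumes the v1 wire format as implemented in the hpfeeds reference client: a 4-byte big-endian frame length that includes the 5-byte header, a 1-byte opcode, one-byte length-prefixed strings, and an AUTH proof that is SHA-1 over the broker's nonce followed by the shared secret. The in-memory `Broker` class, the identifier `sensor1`, its secret and the channel name are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

# hpfeeds v1 opcodes as used by the reference client (assumption, see lead-in)
OP_ERROR, OP_INFO, OP_AUTH, OP_PUBLISH, OP_SUBSCRIBE = 0, 1, 2, 3, 4


def strpack(s: bytes) -> bytes:
    """One byte of length, then the bytes; the format caps strings at 255."""
    if len(s) > 255:
        raise ValueError("hpfeeds strings are limited to 255 bytes")
    return struct.pack("!B", len(s)) + s


def strunpack(data: bytes):
    """Inverse of strpack: returns (string, remaining bytes)."""
    n = data[0]
    return data[1:1 + n], data[1 + n:]


def msghdr(op: int, data: bytes) -> bytes:
    """Frame = big-endian total length (header included) + opcode + body."""
    return struct.pack("!iB", 5 + len(data), op) + data


def msginfo(broker_name: bytes, nonce: bytes) -> bytes:
    return msghdr(OP_INFO, strpack(broker_name) + nonce)


def msgauth(nonce: bytes, ident: bytes, secret: bytes) -> bytes:
    # Proof of possession: SHA-1(nonce || secret); the nonce ties it to this connection.
    return msghdr(OP_AUTH, strpack(ident) + hashlib.sha1(nonce + secret).digest())


def msgpublish(ident: bytes, chan: bytes, payload: bytes) -> bytes:
    return msghdr(OP_PUBLISH, strpack(ident) + strpack(chan) + payload)


def msgsubscribe(ident: bytes, chan: bytes) -> bytes:
    # v1 quirk: the channel in SUBSCRIBE is not length-prefixed.
    return msghdr(OP_SUBSCRIBE, strpack(ident) + chan)


def parse_frame(buf: bytes):
    """Split one frame off a receive buffer. Returns (opcode, body, rest), or
    None when the buffer does not yet hold a whole frame (TCP delivers partial data)."""
    if len(buf) < 5:
        return None
    length, op = struct.unpack("!iB", buf[:5])
    if length < 5:
        raise ValueError("bad frame length")
    if len(buf) < length:
        return None
    return op, buf[5:length], buf[length:]


class Broker:
    """Hypothetical in-memory broker: ident -> secret, plus a per-connection nonce."""

    def __init__(self, name: bytes, credentials: dict):
        self.name = name
        self.credentials = credentials
        self.nonce = os.urandom(4)

    def hello(self) -> bytes:
        return msginfo(self.name, self.nonce)

    def check_auth(self, frame: bytes) -> bool:
        op, body, _ = parse_frame(frame)
        if op != OP_AUTH:
            return False
        ident, digest = strunpack(body)
        secret = self.credentials.get(ident)
        if secret is None or len(digest) != 20:
            return False
        expected = hashlib.sha1(self.nonce + secret).digest()
        return hmac.compare_digest(expected, digest)   # constant-time comparison


def handshake(broker: Broker, ident: bytes, secret: bytes) -> bool:
    """Client side: read INFO, pull out the nonce, answer with AUTH."""
    op, body, _ = parse_frame(broker.hello())
    if op != OP_INFO:
        return False
    _name, nonce = strunpack(body)
    return broker.check_auth(msgauth(nonce, ident, secret))


if __name__ == "__main__":
    broker = Broker(b"hpfeeds-test", {b"sensor1": b"s3cr3t"})   # constructed credentials
    print("good secret:", handshake(broker, b"sensor1", b"s3cr3t"))
    print("bad secret: ", handshake(broker, b"sensor1", b"wrong"))
    frame = msgpublish(b"sensor1", b"dionaea.capture", b'{"url": "http://example.invalid/x"}')
    op, body, rest = parse_frame(frame + b"\x00\x00")   # trailing bytes of the next frame
    ident, body = strunpack(body)
    chan, payload = strunpack(body)
    print(op, ident, chan, payload, rest)
```

Two points a practitioner should take from the shape of this exchange: the broker's nonce is what stops a captured AUTH frame from being replayed on a fresh connection, and the proof is a plain hash of the secret, so the secret's strength and the confidentiality of the transport (TLS or an equivalent tunnel) are what protect the feed, not the handshake itself.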
Ragpicker by robbyFux
Ragpicker is a plugin-based malware crawler with pre-analysis and reporting functionality. Use this tool if you are testing antivirus products or collecting malware for another analyzer or zoo.
updated at April 12, 2024, 8:54 a.m. | Python | 15 / 90 / 25

nsrllookup by rjhansen
Checks with NSRL RDS servers looking for hash matches
updated at April 12, 2024, 8:49 p.m. | C++ | 13 / 107 / 10

AnalyzePE by hiddenillusion
Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
updated at April 12, 2024, 11:52 p.m. | Python | 19 / 201 / 37

IPinfo by hiddenillusion
Searches various online resources to gather as much information about an IP address or domain as possible.
updated at April 14, 2024, 2:38 a.m. | Python | 19 / 95 / 28

EVTXtract by williballenthin
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
updated at April 14, 2024, 1:56 p.m. | Python | 18 / 173 / 24

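A minimal carver for the first step of what the EVTXtract entry describes, locating chunk headers and event records in an arbitrary byte blob, added here as an example; it is not EVTXtract's code and stops well short of it (it recovers record IDs and timestamps, not the BinXML content, whose templates live elsewhere in the chunk). It relies on the documented on-disk EVTX layout: 64 KiB chunks starting with `ElfChnk\0`, records starting at chunk offset 512 with the magic `**\0\0`, a little-endian size at record offset 4 that is repeated in the record's last four bytes, the record ID at offset 8 and a FILETIME at offset 16. The sample blob is constructed, not a real log.

```python
import struct
from datetime import datetime, timedelta, timezone

CHUNK_MAGIC = b"ElfChnk\x00"        # 64 KiB chunk header signature
CHUNK_SIZE = 0x10000
CHUNK_HEADER_SIZE = 512             # records begin at this offset within a chunk
RECORD_MAGIC = b"\x2a\x2a\x00\x00"  # "**\0\0" event record signature
RECORD_HEADER = 24                  # magic(4) size(4) record_id(8) filetime(8)
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime_to_datetime(ft: int) -> datetime:
    # FILETIME counts 100 ns intervals since 1601-01-01 UTC
    return FILETIME_EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt: datetime) -> int:
    td = dt - FILETIME_EPOCH        # integer arithmetic: floats lose precision here
    return ((td.days * 86400 + td.seconds) * 1_000_000 + td.microseconds) * 10


def validate_record(blob: bytes, off: int):
    """Return (size, record_id, filetime) if a plausible record starts at off, else None.
    Requiring the leading and trailing size copies to agree rejects most false
    positives that a 4-byte magic alone would produce in unallocated space."""
    if blob[off:off + 4] != RECORD_MAGIC or off + RECORD_HEADER > len(blob):
        return None
    size, rid, ft = struct.unpack_from("<IQQ", blob, off + 4)
    if size < RECORD_HEADER + 4 or size > CHUNK_SIZE or off + size > len(blob):
        return None
    tail, = struct.unpack_from("<I", blob, off + size - 4)
    if tail != size:
        return None
    return size, rid, ft


def carve_evtx(blob: bytes):
    """Carve chunk headers and records from a blob (unallocated space, a memory image).
    Records inside a recognised chunk carry that chunk's offset; orphans carry None."""
    chunks = []
    pos = blob.find(CHUNK_MAGIC)
    while pos != -1 and pos + 24 <= len(blob):
        first_num, last_num = struct.unpack_from("<QQ", blob, pos + 8)
        chunks.append({"offset": pos, "first_record": first_num, "last_record": last_num})
        pos = blob.find(CHUNK_MAGIC, pos + 1)

    records = []
    pos = blob.find(RECORD_MAGIC)
    while pos != -1:
        hit = validate_record(blob, pos)
        if hit:
            size, rid, ft = hit
            chunk_off = next((c["offset"] for c in chunks
                              if c["offset"] < pos < c["offset"] + CHUNK_SIZE), None)
            records.append({"offset": pos, "size": size, "record_id": rid,
                            "written": filetime_to_datetime(ft), "chunk": chunk_off})
            pos = blob.find(RECORD_MAGIC, pos + size)   # skip the record body
        else:
            pos = blob.find(RECORD_MAGIC, pos + 1)
    return chunks, records


def build_sample() -> bytes:
    """Constructed test data: one chunk holding two records, then an orphaned
    record whose chunk header has been overwritten, with slack and a decoy magic."""
    def record(rid, when, body):
        size = RECORD_HEADER + len(body) + 4
        return (RECORD_MAGIC + struct.pack("<IQQ", size, rid, datetime_to_filetime(when))
                + body + struct.pack("<I", size))
    t0 = datetime(2024, 4, 14, 13, 56, tzinfo=timezone.utc)
    recs = (record(7, t0, b"\x0f\x01\x01\x00 first event (BinXML would go here)")
            + record(8, t0 + timedelta(seconds=30), b"\x0f\x01\x01\x00 second event"))
    header = CHUNK_MAGIC + struct.pack("<QQQQ", 7, 8, 7, 8)
    chunk = (header.ljust(CHUNK_HEADER_SIZE, b"\x00") + recs).ljust(CHUNK_SIZE, b"\x00")
    orphan = record(99, t0 + timedelta(days=1), b"orphan event")
    decoy = RECORD_MAGIC + b"\x00" * 10   # magic with an impossible size: must be rejected
    return b"\xcc" * 1000 + chunk + b"\xff" * 300 + decoy + orphan + b"\xee" * 50


if __name__ == "__main__":
    chunks, records = carve_evtx(build_sample())
    print(chunks)
    for r in records:
        print(r["record_id"], r["written"].isoformat(), "chunk" if r["chunk"] is not None else "orphan")
```

Orphaned records are the reason a carver of this kind is worth writing: once the chunk header and its template table are gone, the event is only recoverable by scanning for record signatures, and the trailing size copy is the cheapest check that a hit is a real record rather than a coincidental `**\0\0` in slack.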
ioc_writer by mandiant
updated at April 14, 2024, 7:25 p.m. | Python | 40 / 199 / 60

Hale by pjlantz
Botnet command & control monitor
updated at April 16, 2024, 7:42 p.m. | Python | 17 / 183 / 63

malcom by tomchop
Malcom - Malware Communications Analyzer
updated at April 20, 2024, 3:39 p.m. | Python | 132 / 1,138 / 214

PackerAttacker by BromiumLabs
C++ application that uses memory and code hooks to detect packers
updated at April 23, 2024, 10:34 p.m. | C++ | 30 / 261 / 72

combine by mlsecproject
Tool to gather Threat Intelligence indicators from publicly available sources
updated at April 24, 2024, 11:48 a.m. | Python | 90 / 648 / 179

pyew by joxeankoret
Official repository for Pyew.
updated at April 24, 2024, 1:04 p.m. | Python | 32 / 379 / 101

aleph by merces
An Open Source Malware Analysis Pipeline System
updated at April 24, 2024, 5:24 p.m. | CSS | 35 / 153 / 53

PortEx by katjahahn
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
updated at April 24, 2024, 5:24 p.m. | Java | 43 / 487 / 95

MaltegoVT by michael-yip
A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.
updated at April 24, 2024, 5:25 p.m. | Python | 8 / 76 / 22

Limon by monnappa22
Limon is a sandbox, developed as a research project and written in Python, that automatically collects, analyzes, and reports on the run-time indicators of Linux malware. It allows one to inspect Linux malware before, during, and after execution (post-mortem analysis) by performing static, dynamic, and memory analysis with open-source tools.
updated at April 24, 2024, 5:25 p.m. | Python | 36 / 383 / 121

polichombr by ANSSI-FR
Collaborative malware analysis framework
updated at April 24, 2024, 5:45 p.m. | Python | 38 / 372 / 64

sandboxapi by InQuest
Minimal, consistent Python API for building integrations with malware sandboxes.
updated at April 24, 2024, 6:58 p.m. | Python | 21 / 131 / 39

AnalyzePDF by hiddenillusion
Tool to help analyze PDF files
updated at April 24, 2024, 8:36 p.m. | Python | 22 / 170 / 40