Web interface for the Volatility Memory Forensics Framework
updated at April 4, 2024, 10:44 p.m.
Checks with NSRL RDS servers looking for hash matches
updated at April 12, 2024, 8:49 p.m.
Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
updated at April 12, 2024, 11:52 p.m.
Searches various online resources to try and get as much info about an IP/domain as possible.
updated at April 14, 2024, 2:38 a.m.
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
updated at April 14, 2024, 1:56 p.m.
C++ application that uses memory and code hooks to detect packers
updated at April 23, 2024, 10:34 p.m.
Tool to gather Threat Intelligence indicators from publicly available sources
updated at April 24, 2024, 11:48 a.m.
A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.
updated at April 24, 2024, 5:25 p.m.
Limon is a sandbox, developed as a research project and written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools.
updated at April 24, 2024, 5:25 p.m.
Collaborative malware analysis framework
updated at April 24, 2024, 5:45 p.m.
Minimal, consistent Python API for building integrations with malware sandboxes.
updated at April 24, 2024, 6:58 p.m.