BARF: A multiplatform open source Binary Analysis and Reverse engineering Framework
updated at May 7, 2024, 11:10 a.m.
ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
updated at May 7, 2024, 8:44 a.m.
This is the development tree. Production downloads are at:
updated at May 7, 2024, 1:56 a.m.
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
updated at May 6, 2024, 8:49 p.m.
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
updated at May 6, 2024, 8:49 p.m.
Visualize network topologies and collect graph statistics based on pcap files
updated at May 4, 2024, 5:21 p.m.
Defanged Indicator of Compromise (IOC) Extractor.
updated at May 4, 2024, 11:14 a.m.
HaboMalHunter is a sub-project of the Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on Linux systems.
updated at May 4, 2024, 10:32 a.m.
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
updated at May 2, 2024, 3:15 p.m.
Pythonic interface to the Internet Storm Center / DShield API.
updated at April 30, 2024, 8:17 p.m.
Reverse engineering tool for virtualization wrappers
updated at April 28, 2024, 11:32 p.m.