nsrllookup by rjhansen

Checks with NSRL RDS servers looking for hash matches

updated at Sept. 6, 2024, 1:53 p.m.

C++

13 +0

111 +0

10 +0

GitHub
broyara by hempnall

integrating bro into yara

updated at Sept. 24, 2024, 6:44 p.m.

C++

5 +0

33 +0

5 +0

GitHub
AChoir by OMENScan

Windows Live Artifacts Acquisition Script

updated at Sept. 30, 2024, 2:54 a.m.

C++

13 +0

183 +0

29 +0

GitHub
bluepill by season-lab

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

updated at Oct. 2, 2024, 9:09 a.m.

C++

9 +0

121 +0

22 +0

GitHub
PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

updated at Oct. 17, 2024, 8:23 a.m.

C++

30 +0

268 +0

72 +0

GitHub
drakvuf by tklengyel

DRAKVUF Black-box Binary Analysis

updated at Nov. 11, 2024, 1:09 p.m.

C++

62 +1

1,062 +2

255 +1

GitHub
hashdeep by jessek

None

updated at Nov. 15, 2024, 10:07 a.m.

C++

60 +0

709 +3

132 +0

GitHub
pharos by cmu-sei

Automated static analysis tools for binary programs

updated at Nov. 15, 2024, 12:43 p.m.

C++

78 +0

1,557 +1

191 +1

GitHub
wdbgark by swwwolf

WinDBG Anti-RootKit Extension

updated at Nov. 16, 2024, 7:20 a.m.

C++

63 +0

615 +1

178 +0

GitHub
Scylla by NtQuery

Imports Reconstructor

updated at Nov. 16, 2024, 3:01 p.m.

C++

55 +0

1,116 +7

232 +0

GitHub
IDR by crypto2011

Interactive Delphi Reconstructor

updated at Nov. 16, 2024, 7:46 p.m.

C++

83 +0

968 +4

224 -1

GitHub
bulk_extractor by simsong

This is the development tree. Production downloads are at:

updated at Nov. 17, 2024, 12:02 a.m.

C++

76 +0

1,115 +3

187 +0

GitHub
Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and macOS.

updated at Nov. 17, 2024, 12:07 a.m.

C++

28 +0

525 +0

80 +0

GitHub
ScyllaHide by x64dbg

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

updated at Nov. 17, 2024, 6:28 a.m.

C++

91 +0

3,469 +13

434 +0

GitHub
al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

updated at Nov. 17, 2024, 10:57 a.m.

C++

242 +3

5,914 +30

1,178 +5

GitHub