combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

created at Feb. 21, 2014, 5:33 p.m.

90 +0

648 +0

179 +0

Noriben by Rurik

Noriben - Portable, Simple, Malware Analysis Sandbox

created at April 10, 2013, 8:37 p.m.

90 +0

1,073 +1

221 +0

capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

created at June 16, 2020, 9:24 p.m.

78 +0

3,881 +14

491 +0

thug by buffer

Python low-interaction honeyclient

created at Feb. 20, 2012, 11:56 a.m.

75 +0

959 +2

204 +0

binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

created at July 12, 2017, 9:27 p.m.

74 +0

1,380 -2

201 +0

chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

71 +0

487 +0

111 +0

vivisect by vivisect

None

created at Nov. 14, 2014, 6:28 p.m.

70 +0

906 +3

184 +0

barf-project by programa-stic

BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework

created at Oct. 23, 2014, 2:33 p.m.

69 +0

1,391 +1

182 +0

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

699 +1

159 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

610 +0

126 +1

see by WithSecureOpenSource

Sandboxed Execution Environment

created at Oct. 26, 2015, 11:13 a.m.

57 +0

806 -1

104 +0

cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

57 +0

268 +1

103 +0

malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

56 +0

530 +0

201 +0

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

created at Jan. 12, 2017, 6:17 a.m.

55 +0

722 +0

220 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

54 +0

2,470 +27

573 +8

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

52 +0

534 +2

174 +1

xortool by hellman

A tool to analyze multi-byte xor cipher

created at Jan. 18, 2011, 5:26 p.m.

48 +0

1,336 +1

170 +0

dionaea by DinoTools

Home of the dionaea honeypot

created at Dec. 21, 2015, 8:13 p.m.

44 +0

681 +1

183 +1

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

created at May 6, 2015, 3:11 p.m.

43 +0

280 +0

58 +0

quark-engine by quark-engine

Dig Vulnerabilities in the BlackBox

created at Oct. 22, 2019, 1:19 a.m.

41 +0

1,231 +1

163 +0