chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

Python

71 +0

489 +0

112 +0

GitHub
Krakatau by Storyyeller

Java decompiler, assembler, and disassembler

created at Oct. 20, 2012, 1:36 a.m.

Rust

95 +0

1,992 +0

221 +0

GitHub
codebro by hugsy

Web based code browser using clang to provide basic code analysis.

created at Oct. 29, 2012, 8:31 a.m.

HTML

6 +0

44 +0

6 +0

GitHub
glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

Python

51 +0

561 +0

168 +0

GitHub
mnemosyne by johnnykv

Normalizer for honeypot data.

created at Dec. 21, 2012, 11:45 a.m.

Python

8 +0

45 +0

39 +0

GitHub
IPinfo by hiddenillusion

Searches various online resources to try and get as much info about an IP/domain as possible.

created at Dec. 24, 2012, 5:50 p.m.

Python

19 +0

100 +1

28 +0

GitHub
AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

created at Jan. 16, 2013, 2:04 p.m.

Python

19 +0

204 +0

35 +0

GitHub
NoMoreXOR by hiddenillusion

Tool to help guess a files 256 byte XOR key by using frequency analysis

created at Jan. 22, 2013, 9:09 p.m.

Python

12 +0

85 +0

20 +0

GitHub
MISP by MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

created at Feb. 7, 2013, 5:10 p.m.

PHP

279 +2

5,384 +23

1,402 +7

GitHub
nsrllookup by rjhansen

Checks with NSRL RDS servers looking for for hash matches

created at March 2, 2013, 4:35 p.m.

C++

13 +0

111 +0

10 +0

GitHub
mailchecker by FGRibreau

mailbox Cross-language temporary (disposable/throwaway) email detection library. Covers 55 734+ fake email providers.

created at March 4, 2013, 3 p.m.

PHP

35 +0

1,628 +2

255 +1

GitHub
conpot by mushorg

ICS/SCADA honeypot

created at March 20, 2013, 1:04 p.m.

Python

96 +0

1,242 +2

414 +0

GitHub
Noriben by Rurik

Noriben - Portable, Simple, Malware Analysis Sandbox

created at April 10, 2013, 8:37 p.m.

Python

90 +0

1,120 +3

222 +0

GitHub
malcom by tomchop

Malcom - Malware Communications Analyzer

created at June 4, 2013, 3:06 p.m.

Python

131 +0

1,155 +1

215 +0

GitHub
scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

Shell

44 +0

627 +0

99 +0

GitHub
VirtualDeobfuscator by jnraber

Reverse engineering tool for virtualization wrappers

created at June 28, 2013, 6:55 p.m.

Python

7 +0

133 +1

24 +0

GitHub
ioc_writer by mandiant

None

created at July 24, 2013, 6:33 p.m.

Python

40 +0

200 +0

61 +0

GitHub
aleph by merces

An Open Source Malware Analysis Pipeline System

created at July 29, 2013, 5:32 a.m.

CSS

35 +0

158 +0

53 +0

GitHub
TotalRecall by sketchymoose

Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.

created at Sept. 21, 2013, 12:14 p.m.

Python

14 +0

49 +0

9 +0

GitHub
PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

created at Sept. 27, 2013, 6:34 a.m.

Scala

44 +0

496 +0

95 +0

GitHub