EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

created at Oct. 5, 2013, 8:59 p.m.

Python

18 +0

189 +0

22 +0

GitHub

recomposer by secretsquirrel

Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.

created at Oct. 10, 2013, 1:42 p.m.

Python

18 +0

130 +0

39 +0

GitHub

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

Rust

359 +0

11,291 +59

1,559 +0

GitHub

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

C

299 +0

7,608 +17

1,555 -1

GitHub

AnalyzePDF by hiddenillusion

Tool to help analyze PDF files

created at Dec. 2, 2013, 11:07 p.m.

Python

23 +0

176 +0

41 +0

GitHub

yarGen by Neo23x0

yarGen is a generator for YARA rules

created at Dec. 28, 2013, 3:10 p.m.

Python

91 +0

1,555 +3

281 +0

GitHub

massive-octo-spice by csirtgadgets

DEPRECATED - USE v3 (bearded-avenger)

created at Jan. 6, 2014, 1:02 p.m.

Perl

55 +0

227 +0

60 +0

GitHub

theZoo by ytisf

A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

created at Jan. 9, 2014, 6:55 p.m.

Python

811 +0

11,323 +21

2,514 +1

GitHub

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

created at Feb. 21, 2014, 5:33 p.m.

Python

89 +0

655 +0

171 +0

GitHub

peframe by guelfoweb

PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

YARA

53 +0

610 +0

139 -1

GitHub

tiq-test by mlsecproject

Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds

created at March 30, 2014, 6:52 p.m.

R

24 +0

171 +0

43 +0

GitHub

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

Python

309 +0

7,349 +26

1,280 +2

GitHub

mhn by pwnlandia

Modern Honey Network

created at May 28, 2014, 11:35 p.m.

Python

243 +0

2,436 +3

631 +0

GitHub

Detect-It-Easy by horsicq

Program for determining types of files for Windows, Linux and MacOS.

created at June 1, 2014, 9:37 p.m.

JavaScript

175 +1

7,629 +65

731 +1

GitHub

python-dshield by rshipp

Pythonic interface to the Internet Storm Center / DShield API.

created at July 1, 2014, 1:54 p.m.

Python

4 +0

28 +0

13 +0

GitHub

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

Python

18 +0

174 +0

40 +0

GitHub

muninn by ytisf

A short and small memory forensics helper.

created at July 26, 2014, 9:14 a.m.

Python

11 +0

52 +0

9 +0

GitHub

cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

Python

57 +0

271 +0

100 +0

GitHub

awesome-pentest by enaqx

A collection of awesome penetration testing resources, tools and other shiny things

created at Aug. 3, 2014, 11:13 p.m.

Unknown languages

1,173 +2

21,912 +35

4,479 +0

GitHub

drakvuf by tklengyel

DRAKVUF Black-box Binary Analysis

created at Aug. 23, 2014, 10 a.m.

C++

62 +1

1,062 +2

255 +1

GitHub