Malfunction by Dynetics

Malware Analysis Tool using Function Level Fuzzy Hashing

created at Sept. 18, 2015, 5:55 p.m.

26 +0

191 +0

35 +0

AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

created at Jan. 16, 2013, 2:04 p.m.

19 +0

204 +0

35 +0

BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

created at July 31, 2019, 8:23 p.m.

8 +0

234 +0

38 +0

recomposer by secretsquirrel

Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.

created at Oct. 10, 2013, 1:42 p.m.

18 +0

130 +0

39 +0

mnemosyne by johnnykv

Normalizer for honeypot data.

created at Dec. 21, 2012, 11:45 a.m.

8 +0

45 +0

39 +0

sandboxapi by InQuest

Minimal, consistent Python API for building integrations with malware sandboxes.

created at Jan. 16, 2018, 7:54 p.m.

21 +0

137 +0

40 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

created at July 15, 2014, 8:23 p.m.

18 +0

174 +0

40 +0

AnalyzePDF by hiddenillusion

Tool to help analyze PDF files

created at Dec. 2, 2013, 11:07 p.m.

23 +0

176 +0

41 +0

ROPMEMU by Cisco-Talos

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

created at May 24, 2016, 5:04 p.m.

32 +0

284 +0

42 +0

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

created at Nov. 22, 2016, 5:12 p.m.

10 +0

104 +0

42 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

tiq-test by mlsecproject

Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds

created at March 30, 2014, 6:52 p.m.

24 +0

171 +0

43 +0

malwarehouse by sroberts

A warehouse for your malware

created at June 12, 2012, 4:05 a.m.

22 +0

133 +0

43 +0

sflock by hatching

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

created at Aug. 1, 2015, 12:56 a.m.

12 +0

83 +0

46 +0

DAMM by 504ensicsLabs

Differential Analysis of Malware in Memory

created at Sept. 16, 2014, 5:32 p.m.

31 +0

209 +0

48 +0

fsf by EmersonElectricCo

File Scanning Framework

created at Aug. 6, 2015, 1:34 a.m.

36 +0

289 +0

49 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

193 +1

50 +0

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

created at Aug. 22, 2016, 8:25 p.m.

30 +0

262 +0

51 +0

aleph by merces

An Open Source Malware Analysis Pipeline System

created at July 29, 2013, 5:32 a.m.

35 +0

158 +0

53 +0

inVtero.net by ShaneK2

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

created at April 29, 2011, 4:37 a.m.

30 +0

279 +1

57 +0