SMRT by pidydx

Sublime Malware Research Tool

created at April 30, 2015, 4:22 p.m.

8 +0

64 +0

15 +0

ROPMEMU by Cisco-Talos

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

created at May 24, 2016, 5:04 p.m.

32 +0

284 +0

42 +0

pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

created at July 7, 2017, 3:41 p.m.

95 +0

1,654 +0

249 +0

pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

32 +0

383 +0

95 +0

pharos by cmu-sei

Automated static analysis tools for binary programs

created at June 12, 2015, 5:51 p.m.

78 +0

1,557 +1

191 +1

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

created at Nov. 22, 2016, 5:12 p.m.

10 +0

104 +0

42 +0

hackers-grep by codypierce

hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols

created at Aug. 31, 2015, 5:02 p.m.

9 +0

170 +1

19 +0

codebro by hugsy

Web based code browser using clang to provide basic code analysis.

created at Oct. 29, 2012, 8:31 a.m.

6 +0

44 +0

6 +0

binnavi by google

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

created at Aug. 19, 2015, 12:20 p.m.

220 +0

2,874 +2

453 +0

bap by BinaryAnalysisPlatform

Binary Analysis Platform

created at Oct. 30, 2014, 11:59 a.m.

93 +0

2,068 +0

273 +0

VirtualDeobfuscator by jnraber

Reverse engineering tool for virtualization wrappers

created at June 28, 2013, 6:55 p.m.

7 +0

133 +1

24 +0

PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

created at April 15, 2015, 11:02 p.m.

30 +0

268 +0

72 +0

NoMoreXOR by hiddenillusion

Tool to help guess a files 256 byte XOR key by using frequency analysis

created at Jan. 22, 2013, 9:09 p.m.

12 +0

85 +0

20 +0

EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

created at Oct. 5, 2013, 8:59 p.m.

18 +0

189 +0

22 +0

pdfxray_lite by 9b

Lite version of PDF X-RAY that uses no backend

created at Nov. 11, 2011, 4:49 a.m.

7 +0

35 +0

9 +0

malpdfobj by 9b

Builds json representation of PDF malware sample

created at Jan. 1, 2011, 9:23 p.m.

8 +0

52 +0

16 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

39 +0

617 -1

84 +0

AnalyzePDF by hiddenillusion

Tool to help analyze PDF files

created at Dec. 2, 2013, 11:07 p.m.

23 +0

176 +0

41 +0

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

created at March 9, 2015, 6:52 a.m.

8 +0

79 +0

22 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

44 +0

627 +0

99 +0