recomposer by secretsquirrel

Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.

updated at Oct. 28, 2024, 7:50 a.m.

Python

18 +0

130 +0

39 +0

GitHub
HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

updated at Oct. 28, 2024, 5:35 p.m.

Python

55 +0

732 +0

220 +0

GitHub
AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

updated at Oct. 29, 2024, 6:53 p.m.

Python

19 +0

204 +0

35 +0

GitHub
hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

updated at Oct. 29, 2024, 8:21 p.m.

Python

24 +0

615 +0

69 +0

GitHub
PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

updated at Oct. 31, 2024, 3:43 a.m.

Scala

44 +0

496 +0

95 +0

GitHub
Hale by pjlantz

Botnet command & control monitor

updated at Nov. 1, 2024, 7:01 a.m.

Python

17 +0

186 +0

64 +0

GitHub
scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

updated at Nov. 1, 2024, 12:59 p.m.

Shell

44 +0

627 +0

99 +0

GitHub
EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

updated at Nov. 5, 2024, 9:26 a.m.

Python

18 +0

189 +0

22 +0

GitHub
tiq-test by mlsecproject

Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds

updated at Nov. 5, 2024, 4:54 p.m.

R

24 +0

171 +0

43 +0

GitHub
plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generate indented pseudo-code with colored syntax.

updated at Nov. 6, 2024, 6:42 a.m.

Python

149 +0

3,047 +0

277 +0

GitHub
chopshop by MITRECND

Protocol Analysis/Decoder Framework

updated at Nov. 6, 2024, 1:35 p.m.

Python

71 +0

489 +0

112 +0

GitHub
glastopf by mushorg

Web Application Honeypot

updated at Nov. 7, 2024, 8:07 p.m.

Python

51 +0

561 +0

168 +0

GitHub
BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

updated at Nov. 8, 2024, 5:29 a.m.

PowerShell

8 +0

234 +0

38 +0

GitHub
pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

updated at Nov. 8, 2024, 9:08 a.m.

C

95 +0

1,654 +0

249 +0

GitHub
peframe by guelfoweb

PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

updated at Nov. 8, 2024, 9:41 p.m.

YARA

53 +0

610 +0

139 -1

GitHub
Krakatau by Storyyeller

Java decompiler, assembler, and disassembler

updated at Nov. 9, 2024, 7:15 a.m.

Rust

95 +0

1,992 +0

221 +0

GitHub
see by WithSecureOpenSource

Sandboxed Execution Environment

updated at Nov. 9, 2024, 12:32 p.m.

Python

57 +0

813 +0

104 +0

GitHub
httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

updated at Nov. 10, 2024, 7:26 a.m.

Python

13 +0

94 -1

35 +0

GitHub
drakvuf by tklengyel

DRAKVUF Black-box Binary Analysis

updated at Nov. 11, 2024, 1:09 p.m.

C++

62 +1

1,062 +2

255 +1

GitHub
Manalyze by JusticeRage

A static analyzer for PE executables.

updated at Nov. 11, 2024, 3:23 p.m.

YARA

64 +0

1,018 +2

161 +1

GitHub