Malware by RPISEC

Course materials for Malware Analysis by RPISEC

created at Jan. 8, 2016, 4:10 p.m.

329 +0

3,767 +5

785 -1

ScyllaHide by x64dbg

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

created at Jan. 27, 2016, 5:26 a.m.

91 +0

3,469 +13

434 +0

IDR by crypto2011

Interactive Delphi Reconstructor

created at Feb. 16, 2016, 12:39 p.m.

83 +0

968 +4

224 -1

flare-floss by mandiant

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

created at March 2, 2016, 8:16 p.m.

132 +0

3,253 +7

453 +1

VolUtility by kevthehermit

Web App for Volatility framework

created at March 21, 2016, 3:30 p.m.

40 +0

380 +0

82 +0

fibratus by rabbitstack

Adversary tradecraft detection, protection, and hunting

created at March 25, 2016, 11:28 a.m.

70 +0

2,210 +0

190 +0

awesome-forensics by cugu

⭐️ A curated list of awesome forensic analysis tools and resources

created at March 29, 2016, 8:54 p.m.

174 +0

3,995 +15

623 +0

data by aptnotes

APTnotes data

created at April 1, 2016, 2:44 p.m.

210 +0

1,658 +3

279 +0

ROPMEMU by Cisco-Talos

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

created at May 24, 2016, 5:04 p.m.

32 +0

284 +0

42 +0

polichombr by ANSSI-FR

Collaborative malware analysis framework

created at May 31, 2016, 6:54 p.m.

38 +0

375 +0

60 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

39 +0

617 -1

84 +0

flare-fakenet-ng by mandiant

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

created at June 27, 2016, 8:46 p.m.

113 +1

1,803 +4

361 +0

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

created at Aug. 22, 2016, 8:25 p.m.

30 +0

262 +0

51 +0

squidmagic by ch3k1

analyze a web-based network traffic 🕶 to detect central command and control servers

created at Aug. 23, 2016, 9:45 a.m.

8 +0

78 +0

27 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

118 +0

25 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

created at Sept. 25, 2016, 4:15 p.m.

6 +0

21 +0

7 +0

hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

created at Oct. 1, 2016, 3:41 p.m.

24 +0

615 +0

69 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

137 +0

30 +0

DemonHunter by RevengeComing

Distributed Honeypot

created at Oct. 25, 2016, 5:43 a.m.

9 +0

60 +0

12 +0

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

created at Nov. 22, 2016, 5:12 p.m.

10 +0

104 +0

42 +0