HashCheck by gurnec

HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

created at Dec. 5, 2014, 2:58 a.m.

71 +0

1,761 +0

194 +0

hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

created at Oct. 1, 2016, 3:41 p.m.

24 +0

615 +0

69 +0

ngrep by jpr5

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

created at Dec. 30, 2009, 8:14 a.m.

23 +0

902 +2

101 +0

yeti by yeti-platform

Your Everyday Threat Intelligence

created at Dec. 13, 2015, 4:54 p.m.

102 +0

1,745 +4

288 +1

generic-parser by uppusaikiran

A Single Library Parser to extract meta information,static analysis and detect macros within the files.

created at Sept. 23, 2017, 1:26 p.m.

1 +0

1 +0

0 +0

malice by maliceio

VirusTotal Wanna Be - Now with 100% more Hipster

created at Dec. 20, 2015, 11:12 p.m.

96 +0

1,654 +5

266 +0

yara-finder by uppusaikiran

Simple tool to find the yara matches on a file

created at Aug. 22, 2018, 6:52 a.m.

1 +0

1 +0

0 +0

cowrie by cowrie

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

created at May 12, 2015, 2:58 p.m.

123 -1

5,201 +17

889 +0

sflock by hatching

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

created at Aug. 1, 2015, 12:56 a.m.

12 +0

83 +0

46 +0

httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

created at July 26, 2015, 6 a.m.

13 +0

94 -1

35 +0

CryptoKnight by AbertayMachineLearningGroup

Cryptographic Dataset Generation & Modelling Framework

created at Sept. 2, 2018, 3:15 p.m.

6 +0

38 +0

12 +0

mac-a-mal by phdphuc

The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.

created at March 12, 2018, 1:49 p.m.

10 +0

82 +0

24 +0

IDR by crypto2011

Interactive Delphi Reconstructor

created at Feb. 16, 2016, 12:39 p.m.

83 +0

968 +4

224 -1

unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

created at Feb. 7, 2019, 4:39 p.m.

32 +0

654 +1

83 +0

hpfeeds by hpfeeds

Honeynet Project generic authenticated datafeed protocol

created at April 4, 2011, 3:19 p.m.

30 +0

211 +0

110 +0

ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

1,037 +4

51,864 +241

5,893 +20

Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

19 +0

360 +1

59 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

61 +0

805 +2

168 +0

BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

created at July 31, 2019, 8:23 p.m.

8 +0

234 +0

38 +0

cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

57 +0

271 +0

100 +0