mhn by pwnlandia

Modern Honey Network

created at May 28, 2014, 11:35 p.m.

243 +0

2,436 +3

631 +0

quark-engine by quark-engine

Quark Agent - Your AI-powered Android APK Analyst

created at Oct. 22, 2019, 1:19 a.m.

42 +0

1,328 +5

170 +0

Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

created at Nov. 29, 2018, 2:28 p.m.

28 +0

525 +0

80 +0

javascript-malware-collection by HynekPetrak

Collection of almost 40.000 javascript malware samples

created at May 7, 2017, 7:17 p.m.

37 +0

682 +5

237 +0

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

53 +0

610 +0

139 -1

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

created at March 30, 2020, 1:52 p.m.

8 +0

165 +1

15 +0

bluepill by season-lab

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

created at Nov. 24, 2019, 9:35 p.m.

9 +0

121 +0

22 +0

ScyllaHide by x64dbg

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

created at Jan. 27, 2016, 5:26 a.m.

91 +0

3,469 +13

434 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

57 +0

2,960 +20

611 -1

Scylla by NtQuery

Imports Reconstructor

created at Sept. 13, 2011, 6:58 p.m.

55 +0

1,116 +7

232 +0

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

514 +0

6,975 +10

2,692 +0

dnSpy by dnSpy

.NET debugger and assembly editor

created at July 1, 2015, 4:05 p.m.

991 -1

26,649 +42

5,110 +7

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

351 +0

6,337 +7

1,042 +1

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

52 +0

946 +1

277 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

193 +1

50 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

created at Jan. 21, 2015, 10:57 p.m.

27 +0

342 +1

60 +0

iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

161 +0

463 +1

117 +0

flare-fakenet-ng by mandiant

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

created at June 27, 2016, 8:46 p.m.

113 +1

1,803 +4

361 +0

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

29 +0

681 +2

125 +0

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

200 +0

6,588 +24

919 +2