ioc_writer by mandiant

None

updated at Aug. 18, 2024, 4:42 p.m.

40 +0

200 +0

61 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

updated at Aug. 24, 2024, 4:08 p.m.

38 +0

259 +0

42 +0

mnemosyne by johnnykv

Normalizer for honeypot data.

updated at Sept. 1, 2024, 3:48 p.m.

8 +0

45 +0

39 +0

PyIOCe by pidydx

Python OpenIOC Editor

updated at Sept. 6, 2024, 1:49 p.m.

3 +0

17 +0

7 +0

generic-parser by uppusaikiran

A Single Library Parser to extract meta information,static analysis and detect macros within the files.

updated at Sept. 6, 2024, 1:52 p.m.

1 +0

1 +0

0 +0

Malfunction by Dynetics

Malware Analysis Tool using Function Level Fuzzy Hashing

updated at Sept. 6, 2024, 1:52 p.m.

26 +0

191 +0

35 +0

nsrllookup by rjhansen

Checks with NSRL RDS servers looking for for hash matches

updated at Sept. 6, 2024, 1:53 p.m.

13 +0

111 +0

10 +0

packerid by sooshie

None

updated at Sept. 6, 2024, 1:53 p.m.

5 +0

42 +0

9 +0

yara-finder by uppusaikiran

Simple tool to find the yara matches on a file

updated at Sept. 6, 2024, 1:53 p.m.

1 +0

1 +0

0 +0

malpdfobj by 9b

Builds json representation of PDF malware sample

updated at Sept. 6, 2024, 2:23 p.m.

8 +0

52 +0

16 +0

pdfxray_lite by 9b

Lite version of PDF X-RAY that uses no backend

updated at Sept. 6, 2024, 2:23 p.m.

7 +0

35 +0

9 +0

codebro by hugsy

Web based code browser using clang to provide basic code analysis.

updated at Sept. 6, 2024, 2:48 p.m.

6 +0

44 +0

6 +0

ROPMEMU by Cisco-Talos

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

updated at Sept. 6, 2024, 2:50 p.m.

32 +0

284 +0

42 +0

DAMM by 504ensicsLabs

Differential Analysis of Malware in Memory

updated at Sept. 6, 2024, 3:06 p.m.

31 +0

209 +0

48 +0

muninn by ytisf

A short and small memory forensics helper.

updated at Sept. 6, 2024, 3:06 p.m.

11 +0

52 +0

9 +0

TotalRecall by sketchymoose

Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.

updated at Sept. 6, 2024, 3:07 p.m.

14 +0

49 +0

9 +0

CryptoKnight by AbertayMachineLearningGroup

Cryptographic Dataset Generation & Modelling Framework

updated at Sept. 6, 2024, 3:08 p.m.

6 +0

38 +0

12 +0

malware-organiser by uppusaikiran

A simple tool to organise large malicious/benign files into a organised Structure.

updated at Sept. 6, 2024, 3:09 p.m.

1 +0

1 +0

0 +0

massive-octo-spice by csirtgadgets

DEPRECATED - USE v3 (bearded-avenger)

updated at Sept. 16, 2024, 1:13 p.m.

55 +0

227 +0

60 +0

mac-a-mal by phdphuc

The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.

updated at Sept. 21, 2024, 10:11 a.m.

10 +0

82 +0

24 +0