capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

created at June 16, 2020, 9:24 p.m.

82 +0

4,875 +18

560 +2

orochi by LDO-CERT

The Volatility Collaborative GUI

created at May 18, 2020, 2:01 p.m.

11 +0

225 +2

19 +0

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

created at March 30, 2020, 1:52 p.m.

8 +0

165 +1

15 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

57 +0

2,960 +20

611 -1

bluepill by season-lab

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

created at Nov. 24, 2019, 9:35 p.m.

9 +0

121 +0

22 +0

quark-engine by quark-engine

Quark Agent - Your AI-powered Android APK Analyst

created at Oct. 22, 2019, 1:19 a.m.

42 +0

1,328 +5

170 +0

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

29 +0

681 +2

125 +0

BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

created at July 31, 2019, 8:23 p.m.

8 +0

234 +0

38 +0

Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

19 +0

360 +1

59 +0

ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

1,037 +4

51,864 +241

5,893 +20

unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

created at Feb. 7, 2019, 4:39 p.m.

32 +0

654 +1

83 +0

Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

created at Nov. 29, 2018, 2:28 p.m.

28 +0

525 +0

80 +0

CryptoKnight by AbertayMachineLearningGroup

Cryptographic Dataset Generation & Modelling Framework

created at Sept. 2, 2018, 3:15 p.m.

6 +0

38 +0

12 +0

yara-finder by uppusaikiran

Simple tool to find the yara matches on a file

created at Aug. 22, 2018, 6:52 a.m.

1 +0

1 +0

0 +0

iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

created at April 17, 2018, 5:37 p.m.

28 +0

506 +1

91 +0

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

52 +0

946 +1

277 +0

MalPipe by silascutler

Malware/IOC ingestion and processing engine

created at April 4, 2018, 10:05 p.m.

11 +0

103 +0

24 +0

mac-a-mal by phdphuc

The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.

created at March 12, 2018, 1:49 p.m.

10 +0

82 +0

24 +0

sandboxapi by InQuest

Minimal, consistent Python API for building integrations with malware sandboxes.

created at Jan. 16, 2018, 7:54 p.m.

21 +0

137 +0

40 +0

malware-organiser by uppusaikiran

A simple tool to organise large malicious/benign files into a organised Structure.

created at Nov. 21, 2017, 7:24 p.m.

1 +0

1 +0

0 +0