EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

updated at May 25, 2024, 8:21 a.m.

Python

18 +0

175 +2

24 +0

GitHub
yarGen by Neo23x0

yarGen is a generator for YARA rules

updated at May 25, 2024, 7:57 a.m.

Python

92 +0

1,467 +3

273 +0

GitHub
rules by Yara-Rules

Repository of yara rules

updated at May 25, 2024, 7:47 a.m.

YARA

350 +1

3,993 +8

981 -1

GitHub
flare-fakenet-ng by mandiant

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

updated at May 25, 2024, 7:06 a.m.

Python

112 +0

1,705 +0

352 -2

GitHub
pics by corkami

File formats dissections and more...

updated at May 25, 2024, 5:13 a.m.

Assembly

360 +0

10,337 +4

740 +0

GitHub
ngrep by jpr5

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

updated at May 25, 2024, 3:55 a.m.

C

23 +0

854 +2

98 +0

GitHub
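As an added worked example of the idea in the ngrep description (this is not ngrep's own code, which is C, and the function names `payload_grep`, `hex_pattern`, `decode` and the sample packets are assumptions made for the example): the script below builds a small constructed pcap in memory, decodes Ethernet/IPv4/TCP/UDP, and runs a regular expression or a literal hex byte string against each packet's payload. ngrep hands its BPF expression to libpcap; here a plain Python predicate stands in for that filter.

```python
import re
import socket
import struct
from typing import Callable, Iterator, List, Optional, Tuple

PCAP_MAGIC = 0xA1B2C3D4          # little-endian pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1


def ipv4_packet(src: str, dst: str, proto: int, l4: bytes) -> bytes:
    """Ethernet + IPv4 header in front of a transport segment (checksums left zero)."""
    eth = bytes(12) + b"\x08\x00"                      # dst/src MAC, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + l4


def tcp_packet(src: str, sport: int, dst: str, dport: int, payload: bytes) -> bytes:
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return ipv4_packet(src, dst, 6, tcp + payload)


def udp_packet(src: str, sport: int, dst: str, dport: int, payload: bytes) -> bytes:
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    return ipv4_packet(src, dst, 17, udp + payload)


def build_pcap(frames: List[bytes]) -> bytes:
    out = [struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)]
    for i, f in enumerate(frames):
        out.append(struct.pack("<IIII", 1716600000 + i, 0, len(f), len(f)) + f)
    return b"".join(out)


# Constructed sample capture (not real traffic): an HTTP request, an SSH banner, a DNS query.
SAMPLE_PCAP = build_pcap([
    tcp_packet("10.0.0.5", 49152, "93.184.216.34", 80,
               b"GET / HTTP/1.1\r\nHost: example.com\r\nUser-Agent: curl/8.0\r\n\r\n"),
    tcp_packet("10.0.0.5", 49153, "10.0.0.9", 22, b"SSH-2.0-OpenSSH_9.6\r\n"),
    udp_packet("10.0.0.5", 49154, "10.0.0.1", 53,
               b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x03com\x00\x00\x01\x00\x01"),
])

Packet = Tuple[str, str, int, str, int, bytes]   # proto, src, sport, dst, dport, payload


def iter_frames(pcap: bytes) -> Iterator[bytes]:
    """Walk the pcap record headers and yield each captured frame."""
    if struct.unpack("<I", pcap[:4])[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian pcap")
    off = 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack("<I", pcap[off + 8:off + 12])[0]
        off += 16
        yield pcap[off:off + incl_len]
        off += incl_len


def decode(frame: bytes) -> Optional[Packet]:
    """Strip Ethernet/IPv4/TCP|UDP headers; return None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    total_len = struct.unpack("!H", frame[16:18])[0]
    frame = frame[:14 + total_len]                     # drop any Ethernet padding
    proto = frame[23]
    src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
    l4 = 14 + ihl
    if len(frame) < l4 + 8:
        return None
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    if proto == 6 and len(frame) >= l4 + 20:
        hdr = (frame[l4 + 12] >> 4) * 4                # TCP data offset, in 32-bit words
        return ("TCP", src, sport, dst, dport, frame[l4 + hdr:])
    if proto == 17:
        return ("UDP", src, sport, dst, dport, frame[l4 + 8:])
    return None


def hex_pattern(hexstr: str) -> bytes:
    """Equivalent of giving ngrep a hex byte string: the bytes are matched literally."""
    return re.escape(bytes.fromhex(hexstr.replace(" ", "")))


def payload_grep(pcap: bytes, pattern: bytes,
                 bpf: Callable[[Packet], bool] = lambda p: True) -> List[Tuple[str, bytes]]:
    """Regex over every decoded packet payload, after a predicate standing in for BPF."""
    rx = re.compile(pattern, re.IGNORECASE | re.DOTALL)
    hits = []
    for frame in iter_frames(pcap):
        pkt = decode(frame)
        if pkt is None or not bpf(pkt):
            continue
        proto, src, sport, dst, dport, payload = pkt
        m = rx.search(payload)
        if m:
            hits.append((f"{proto} {src}:{sport} -> {dst}:{dport}", m.group(0)))
    return hits


if __name__ == "__main__":
    # Like: ngrep -i 'user-agent: [^\r\n]+' port 80
    for where, what in payload_grep(SAMPLE_PCAP, rb"user-agent: [^\r\n]+",
                                    bpf=lambda p: 80 in (p[2], p[4])):
        print(where, what)
```

The port predicate is applied before the regex, which mirrors how ngrep lets libpcap discard packets in the kernel before any payload matching happens; on a real capture that ordering is what keeps the regex cost manageable.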
Zeus by Visgean

NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. This repository is for study purposes only, do not message me about your lame hacking attempts.

updated at May 25, 2024, 12:40 a.m.

C

138 +0

1,359 +2

692 -1

GitHub
bulk_extractor by simsong

This is the development tree. Production downloads are at:

updated at May 25, 2024, 12:15 a.m.

C++

74 +0

1,021 +2

181 +0

GitHub
javascript-malware-collection by HynekPetrak

Collection of almost 40,000 JavaScript malware samples

updated at May 25, 2024, 12:11 a.m.

JavaScript

37 +0

632 +0

236 +0

GitHub
xortool by hellman

A tool to analyze multi-byte xor cipher

updated at May 24, 2024, 10:35 p.m.

Python

48 +0

1,341 +2

170 -1

GitHub
plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generate indented pseudo-code with colored syntax.

updated at May 24, 2024, 8:38 p.m.

Python

149 +0

3,042 +0

278 +0

GitHub
cowrie by cowrie

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

updated at May 24, 2024, 6:32 p.m.

Python

123 +0

4,940 +9

853 +2

GitHub
pyew by joxeankoret

Official repository for Pyew.

updated at May 24, 2024, 6:31 p.m.

Python

32 +0

380 +1

101 +0

GitHub
HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

updated at May 24, 2024, 5:07 p.m.

Python

55 +0

723 +1

220 +0

GitHub
bap by BinaryAnalysisPlatform

Binary Analysis Platform

updated at May 24, 2024, 4:59 p.m.

OCaml

91 +0

1,999 +2

271 +0

GitHub
binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

updated at May 24, 2024, 4:41 p.m.

Python

74 +0

1,382 +2

201 +0

GitHub
malcom by tomchop

Malcom - Malware Communications Analyzer

updated at May 24, 2024, 4:30 p.m.

Python

132 +0

1,141 +1

214 +0

GitHub
arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

updated at May 24, 2024, 4:24 p.m.

JavaScript

349 +0

6,151 +10

1,030 -1

GitHub
awesome-industrial-control-system-security by hslatman

A curated list of resources related to Industrial Control System (ICS) security.

updated at May 24, 2024, 3:42 p.m.

Python

134 +0

1,523 +8

416 +0

GitHub
Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

updated at May 24, 2024, 3:42 p.m.

Python

19 +1

316 +2

50 +0

GitHub