yeti by yeti-platform

Your Everyday Threat Intelligence

created at Dec. 13, 2015, 4:54 p.m.

100 +0

1,643 +5

279 +0

malice by maliceio

VirusTotal Wanna Be - Now with 100% more Hipster

created at Dec. 20, 2015, 11:12 p.m.

96 +0

1,617 +0

264 +1

conpot by mushorg

ICS/SCADA honeypot

created at March 20, 2013, 1:04 p.m.

96 +1

1,194 +1

406 +0

Krakatau by Storyyeller

Java decompiler, assembler, and disassembler

created at Oct. 20, 2012, 1:36 a.m.

95 +0

1,937 +1

216 +0

pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

created at July 7, 2017, 3:41 p.m.

95 +0

1,639 +1

249 +0

yarGen by Neo23x0

yarGen is a generator for YARA rules

created at Dec. 28, 2013, 3:10 p.m.

92 +0

1,467 +3

273 +0

bap by BinaryAnalysisPlatform

Binary Analysis Platform

created at Oct. 30, 2014, 11:59 a.m.

91 +0

1,999 +2

271 +0

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

created at Feb. 21, 2014, 5:33 p.m.

90 +0

650 +1

179 +0

Noriben by Rurik

Noriben - Portable, Simple, Malware Analysis Sandbox

created at April 10, 2013, 8:37 p.m.

90 +0

1,078 +4

221 +0

ScyllaHide by x64dbg

Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide

created at Jan. 27, 2016, 5:26 a.m.

87 +0

3,250 +11

407 +0

udis86 by vmt

Disassembler Library for x86 and x86-64

created at March 6, 2012, 7:36 a.m.

85 +0

989 +0

297 +0

IDR by crypto2011

Interactive Delphi Reconstructor

created at Feb. 16, 2016, 12:39 p.m.

82 +2

905 +3

214 +0

capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

created at June 16, 2020, 9:24 p.m.

79 +0

3,912 +15

494 +0

pharos by cmu-sei

Automated static analysis tools for binary programs

created at June 12, 2015, 5:51 p.m.

77 +0

1,492 +2

184 +0

thug by buffer

Python low-interaction honeyclient

created at Feb. 20, 2012, 11:56 a.m.

75 +0

960 +1

204 +0

bulk_extractor by simsong

This is the development tree. Production downloads are at:

created at April 3, 2012, 4:36 a.m.

74 +0

1,021 +2

181 +0

binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

created at July 12, 2017, 9:27 p.m.

74 +0

1,382 +2

201 +0

HashCheck by gurnec

HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

created at Dec. 5, 2014, 2:58 a.m.

72 +0

1,696 +1

195 +1

chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

71 +0

488 +0

111 +0

fibratus by rabbitstack

A modern tool for Windows kernel exploration and tracing with a focus on security

created at March 25, 2016, 11:28 a.m.

71 -1

2,093 +6

183 +0