Malfunction by Dynetics
Malware Analysis Tool using Function Level Fuzzy Hashing
created at Sept. 18, 2015, 5:55 p.m. | Python | 26 +0 | 191 +0 | 35 +0 | GitHub

hackers-grep by codypierce
hackers-grep is a utility to search for strings in PE executables, including imports, exports, and debug symbols
created at Aug. 31, 2015, 5:02 p.m. | Python | 9 +0 | 170 +1 | 19 +0 | GitHub

binnavi by google
BinNavi is a binary analysis IDE that allows you to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
created at Aug. 19, 2015, 12:20 p.m. | Java | 220 +0 | 2,874 +2 | 453 +0 | GitHub

Manalyze by JusticeRage
A static analyzer for PE executables.
created at Aug. 16, 2015, 12:19 p.m. | YARA | 64 +0 | 1,018 +2 | 161 +1 | GitHub

angr by angr
A powerful and user-friendly binary analysis platform!
created at Aug. 6, 2015, 9:46 p.m. | Python | 186 -1 | 7,594 +16 | 1,083 +0 | GitHub

fsf by EmersonElectricCo
File Scanning Framework
created at Aug. 6, 2015, 1:34 a.m. | Python | 36 +0 | 289 +0 | 49 +0 | GitHub

sflock by hatching
Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.
created at Aug. 1, 2015, 12:56 a.m. | Python | 12 +0 | 83 +0 | 46 +0 | GitHub

httpreplay by hatching
Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.
created at July 26, 2015, 6 a.m. | Python | 13 +0 | 94 -1 | 35 +0 | GitHub

machinae by HurricaneLabs
Machinae Security Intelligence Collector
created at July 6, 2015, 3:14 p.m. | Python | 38 +0 | 504 +0 | 101 +0 | GitHub

Ragpicker by robbyFux
Ragpicker is a plugin-based malware crawler with pre-analysis and reporting functionality. Use this tool if you are testing antivirus products or collecting malware for another analyzer/zoo.
created at July 3, 2015, 7:03 a.m. | Python | 15 +0 | 94 +1 | 25 +0 | GitHub

dnSpy by dnSpy
.NET debugger and assembly editor
created at July 1, 2015, 4:05 p.m. | C# | 991 -1 | 26,649 +42 | 5,110 +7 | GitHub

pharos by cmu-sei
Automated static analysis tools for binary programs
created at June 12, 2015, 5:51 p.m. | C++ | 78 +0 | 1,557 +1 | 191 +1 | GitHub

laikaboss by lmco
Laika BOSS: Object Scanning System
created at June 12, 2015, 2:49 p.m. | Python | 132 +0 | 740 +1 | 156 +0 | GitHub

dnstwist by elceef
Domain name permutation engine for detecting homograph phishing attacks, typosquatting, and brand impersonation
created at June 11, 2015, 12:24 p.m. | Python | 155 +0 | 4,912 +11 | 775 +2 | GitHub

AChoir by OMENScan
Windows Live Artifacts Acquisition Script
created at May 25, 2015, 7:48 p.m. | C++ | 13 +0 | 183 +0 | 29 +0 | GitHub

awesome-infosec by onlurking
A curated list of awesome infosec courses and training resources.
created at May 13, 2015, 10:20 p.m. | Unknown languages | 295 +0 | 5,205 +10 | 737 -1 | GitHub

cowrie by cowrie
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
created at May 12, 2015, 2:58 p.m. | Python | 123 -1 | 5,201 +17 | 889 +0 | GitHub

DC3-MWCP by Defense-Cyber-Crime-Center
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
created at May 6, 2015, 3:11 p.m. | Python | 43 +0 | 300 +1 | 59 +0 | GitHub

SMRT by pidydx
Sublime Malware Research Tool
created at April 30, 2015, 4:22 p.m. | Python | 8 +0 | 64 +0 | 15 +0 | GitHub

VolDiff by aim4r
VolDiff: Malware Memory Footprint Analysis based on Volatility
created at April 19, 2015, 12:30 a.m. | Python | 28 +0 | 193 +1 | 50 +0 | GitHub
