fibratus by rabbitstack

Adversary tradecraft detection, protection, and hunting

created at March 25, 2016, 11:28 a.m.

70 +0

2,210 +0

190 +0

barf-project by programa-stic

BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework

created at Oct. 23, 2014, 2:33 p.m.

69 +0

1,412 +2

168 +0

Manalyze by JusticeRage

A static analyzer for PE executables.

created at Aug. 16, 2015, 12:19 p.m.

64 +0

1,018 +2

161 +1

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

711 +1

159 +0

wdbgark by swwwolf

WinDBG Anti-RootKit Extension

created at Nov. 22, 2014, 10:53 a.m.

63 +0

615 +1

178 +0

drakvuf by tklengyel

DRAKVUF Black-box Binary Analysis

created at Aug. 23, 2014, 10 a.m.

62 +1

1,062 +2

255 +1

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

61 +0

805 +2

168 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

60 +0

617 +0

125 +0

hashdeep by jessek

None

created at June 12, 2012, 11:35 a.m.

60 +0

709 +3

132 +0

see by WithSecureOpenSource

Sandboxed Execution Environment

created at Oct. 26, 2015, 11:13 a.m.

57 +0

813 +0

104 +0

cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

57 +0

271 +0

100 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

57 +0

2,960 +20

611 -1

malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

56 +0

538 +1

197 +0

malheur by rieck

A Tool for Automatic Analysis of Malware Behavior

created at May 6, 2009, 10:03 a.m.

56 +0

368 +0

101 +0

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

created at Jan. 12, 2017, 6:17 a.m.

55 +0

732 +0

220 +0

massive-octo-spice by csirtgadgets

DEPRECATED - USE v3 (bearded-avenger)

created at Jan. 6, 2014, 1:02 p.m.

55 +0

227 +0

60 +0

Scylla by NtQuery

Imports Reconstructor

created at Sept. 13, 2011, 6:58 p.m.

55 +0

1,116 +7

232 +0

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

53 +0

610 +0

139 -1

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

52 +0

946 +1

277 +0

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

51 +0

561 +0

168 +0