PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

created at April 15, 2015, 11:02 p.m.

30 +0

268 +0

72 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

60 +0

617 +0

125 +0

rules by Yara-Rules

Repository of yara rules

created at April 11, 2015, 5:56 a.m.

351 +1

4,178 +7

1,008 +2

jsunpack-n by urule99

Automatically exported from code.google.com/p/jsunpack-n

created at April 1, 2015, 11:51 p.m.

16 +0

162 +1

65 +0

gef by hugsy

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

created at March 26, 2015, 10:25 p.m.

137 +0

7,006 +28

737 +3

pics by corkami

File formats dissections and more...

created at March 26, 2015, 4:38 p.m.

364 +0

10,521 +3

734 -2

pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

32 +0

383 +0

95 +0

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,047 +0

277 +0

ThreatTracker by michael-yip

ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.

created at March 9, 2015, 7:19 a.m.

7 +0

66 +0

13 +0

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

created at March 9, 2015, 6:52 a.m.

8 +0

79 +0

22 +0

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

36 +0

368 +0

80 -3

threataggregator by jpsenior

Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.

created at Feb. 27, 2015, 1:28 a.m.

12 +0

79 +0

27 +0

PyIOCe by pidydx

Python OpenIOC Editor

created at Feb. 5, 2015, 8:28 p.m.

3 +0

17 +0

7 +0

python-evt by williballenthin

Pure Python parser for classic Windows Event Log files (.evt)

created at Jan. 24, 2015, 4:07 p.m.

6 +0

48 +0

11 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

created at Jan. 21, 2015, 10:57 p.m.

27 +0

342 +1

60 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

184 +0

3,402 +7

583 +0

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

711 +1

159 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

61 +0

805 +2

168 +0

broyara by hempnall

integrating bro into yara

created at Dec. 8, 2014, 10:29 p.m.

5 +0

33 +0

5 +0