thug by buffer

Python low-interaction honeyclient

updated at Nov. 13, 2024, 8:07 p.m.

Python

76 +0

994 +3

204 +2

GitHub
Ragpicker by robbyFux

Ragpicker is a plugin-based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products or collecting malware for another analyzer/zoo.

updated at Nov. 13, 2024, 6:28 p.m.

Python

15 +0

94 +1

25 +0

GitHub
binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

updated at Nov. 13, 2024, 3:15 p.m.

Python

73 +0

1,409 +2

187 +0

GitHub
data by aptnotes

APTnotes data

updated at Nov. 13, 2024, 5:38 a.m.

Unknown languages

210 +0

1,658 +3

279 +0

GitHub
Limon by monnappa22

Limon is a sandbox developed as a research project, written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools.

updated at Nov. 12, 2024, 3:43 p.m.

Python

38 +0

389 -1

115 +0

GitHub
stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

updated at Nov. 12, 2024, 1:17 p.m.

Python

29 +0

681 +2

125 +0

GitHub
IPinfo by hiddenillusion

Searches various online resources to try and get as much info about an IP/domain as possible.

updated at Nov. 12, 2024, 5:26 a.m.

Python

19 +0

100 +1

28 +0

GitHub
hackers-grep by codypierce

hackers-grep is a utility to search for strings in PE executables, including imports, exports, and debug symbols.

updated at Nov. 12, 2024, 2:27 a.m.

Python

9 +0

170 +1

19 +0

GitHub
iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

updated at Nov. 12, 2024, 12:39 a.m.

Unknown languages

161 +0

463 +1

117 +0

GitHub
dionaea by DinoTools

Home of the dionaea honeypot

updated at Nov. 11, 2024, 4:39 p.m.

Python

45 +0

713 +1

182 +0

GitHub
Manalyze by JusticeRage

A static analyzer for PE executables.

updated at Nov. 11, 2024, 3:23 p.m.

YARA

64 +0

1,018 +2

161 +1

GitHub
drakvuf by tklengyel

DRAKVUF Black-box Binary Analysis

updated at Nov. 11, 2024, 1:09 p.m.

C++

62 +1

1,062 +2

255 +1

GitHub
httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

updated at Nov. 10, 2024, 7:26 a.m.

Python

13 +0

94 -1

35 +0

GitHub
see by WithSecureOpenSource

Sandboxed Execution Environment

updated at Nov. 9, 2024, 12:32 p.m.

Python

57 +0

813 +0

104 +0

GitHub
Krakatau by Storyyeller

Java decompiler, assembler, and disassembler

updated at Nov. 9, 2024, 7:15 a.m.

Rust

95 +0

1,992 +0

221 +0

GitHub
peframe by guelfoweb

PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

updated at Nov. 8, 2024, 9:41 p.m.

YARA

53 +0

610 +0

139 -1

GitHub
pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

updated at Nov. 8, 2024, 9:08 a.m.

C

95 +0

1,654 +0

249 +0

GitHub
BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

updated at Nov. 8, 2024, 5:29 a.m.

PowerShell

8 +0

234 +0

38 +0

GitHub
glastopf by mushorg

Web Application Honeypot

updated at Nov. 7, 2024, 8:07 p.m.

Python

51 +0

561 +0

168 +0

GitHub
chopshop by MITRECND

Protocol Analysis/Decoder Framework

updated at Nov. 6, 2024, 1:35 p.m.

Python

71 +0

489 +0

112 +0

GitHub