plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

updated at Nov. 6, 2024, 6:42 a.m.

149 +0

3,047 +0

277 +0

tiq-test by mlsecproject

Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds

updated at Nov. 5, 2024, 4:54 p.m.

24 +0

171 +0

43 +0

EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

updated at Nov. 5, 2024, 9:26 a.m.

18 +0

189 +0

22 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

updated at Nov. 1, 2024, 12:59 p.m.

44 +0

627 +0

99 +0

Hale by pjlantz

Botnet command & control monitor

updated at Nov. 1, 2024, 7:01 a.m.

17 +0

186 +0

64 +0

PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

updated at Oct. 31, 2024, 3:43 a.m.

44 +0

496 +0

95 +0

hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

updated at Oct. 29, 2024, 8:21 p.m.

24 +0

615 +0

69 +0

AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

updated at Oct. 29, 2024, 6:53 p.m.

19 +0

204 +0

35 +0

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

updated at Oct. 28, 2024, 5:35 p.m.

55 +0

732 +0

220 +0

recomposer by secretsquirrel

Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.

updated at Oct. 28, 2024, 7:50 a.m.

18 +0

130 +0

39 +0

SMRT by pidydx

Sublime Malware Research Tool

updated at Oct. 28, 2024, 3:59 a.m.

8 +0

64 +0

15 +0

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

updated at Oct. 27, 2024, 1:11 p.m.

10 +0

104 +0

42 +0

multiscanner by mitre

Modular file scanning/analysis framework

updated at Oct. 21, 2024, 10:37 a.m.

60 +0

617 +0

125 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

updated at Oct. 21, 2024, 10:37 a.m.

18 +0

174 +0

40 +0

machinae by HurricaneLabs

Machinae Security Intelligence Collector

updated at Oct. 18, 2024, 4:54 p.m.

38 +0

504 +0

101 +0

PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

updated at Oct. 17, 2024, 8:23 a.m.

30 +0

268 +0

72 +0

pyew by joxeankoret

Official repository for Pyew.

updated at Oct. 17, 2024, 6:06 a.m.

32 +0

383 +0

95 +0

fsf by EmersonElectricCo

File Scanning Framework

updated at Oct. 16, 2024, 1:04 p.m.

36 +0

289 +0

49 +0

polichombr by ANSSI-FR

Collaborative malware analysis framework

updated at Oct. 16, 2024, 2:10 a.m.

38 +0

375 +0

60 +0

VolUtility by kevthehermit

Web App for Volatility framework

updated at Oct. 16, 2024, 12:01 a.m.

40 +0

380 +0

82 +0