A framework for receiving and redistributing abuse feeds
created at Nov. 25, 2015, 12:35 p.m.
Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.
created at Jan. 16, 2013, 2:04 p.m.
Searches various online resources to try and get as much info about an IP/domain as possible.
created at Dec. 24, 2012, 5:50 p.m.
EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
created at Oct. 5, 2013, 8:59 p.m.
Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
created at Oct. 10, 2013, 1:42 p.m.
A modular Python application to pull intelligence about malicious files
created at Aug. 30, 2016, 5:35 p.m.
Automatically exported from code.google.com/p/jsunpack-n
created at April 1, 2015, 11:51 p.m.
A Python library and command line tools to provide interactive log visualization.
created at Oct. 11, 2016, 3:33 p.m.
Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.
created at Sept. 21, 2013, 12:14 p.m.
Checks with NSRL RDS servers looking for for hash matches
created at March 2, 2013, 4:35 p.m.
Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.
created at July 26, 2015, 6 a.m.
Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.
created at Feb. 27, 2015, 1:28 a.m.
Tool to help guess a files 256 byte XOR key by using frequency analysis
created at Jan. 22, 2013, 9:09 p.m.
A tool designed for consistent and safe capture of off network web resources.
created at Feb. 16, 2017, 9:07 p.m.