muninn by ytisf

A short and small memory forensics helper.

created at July 26, 2014, 9:14 a.m.

Python

11 +0

52 +0

9 +0

GitHub

MalPipe by silascutler

Malware/IOC ingestion and processing engine

created at April 4, 2018, 10:05 p.m.

Python

11 +0

103 +0

24 +0

GitHub

orochi by LDO-CERT

The Volatility Collaborative GUI

created at May 18, 2020, 2:01 p.m.

JavaScript

11 +0

225 +2

19 +0

GitHub

mac-a-mal by phdphuc

The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.

created at March 12, 2018, 1:49 p.m.

C

10 +0

82 +0

24 +0

GitHub

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

created at Nov. 22, 2016, 5:12 p.m.

C

10 +0

104 +0

42 +0

GitHub

bluepill by season-lab

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

created at Nov. 24, 2019, 9:35 p.m.

C++

9 +0

121 +0

22 +0

GitHub

hackers-grep by codypierce

hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols

created at Aug. 31, 2015, 5:02 p.m.

Python

9 +0

170 +1

19 +0

GitHub

DemonHunter by RevengeComing

Distributed Honeypot

created at Oct. 25, 2016, 5:43 a.m.

Python

9 +0

60 +0

12 +0

GitHub

squidmagic by ch3k1

Analyze web-based network traffic 🕶 to detect central command and control servers

created at Aug. 23, 2016, 9:45 a.m.

Python

8 +0

78 +0

27 +0

GitHub

mnemosyne by johnnykv

Normalizer for honeypot data.

created at Dec. 21, 2012, 11:45 a.m.

Python

8 +0

45 +0

39 +0

GitHub

BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

created at July 31, 2019, 8:23 p.m.

PowerShell

8 +0

234 +0

38 +0

GitHub

SMRT by pidydx

Sublime Malware Research Tool

created at April 30, 2015, 4:22 p.m.

Python

8 +0

64 +0

15 +0

GitHub

malpdfobj by 9b

Builds a JSON representation of a PDF malware sample

created at Jan. 1, 2011, 9:23 p.m.

Python

8 +0

52 +0

16 +0

GitHub

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

created at March 9, 2015, 6:52 a.m.

Python

8 +0

79 +0

22 +0

GitHub

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

created at March 30, 2020, 1:52 p.m.

Unknown languages

8 +0

165 +1

15 +0

GitHub

pdfxray_lite by 9b

Lite version of PDF X-RAY that uses no backend

created at Nov. 11, 2011, 4:49 a.m.

Python

7 +0

35 +0

9 +0

GitHub

ThreatTracker by michael-yip

ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.

created at March 9, 2015, 7:19 a.m.

Python

7 +0

66 +0

13 +0

GitHub

VirtualDeobfuscator by jnraber

Reverse engineering tool for virtualization wrappers

created at June 28, 2013, 6:55 p.m.

Python

7 +0

133 +1

24 +0

GitHub

python-icap-yara by RamadhanAmizudin

An ICAP server with a YARA scanner for URLs and content.

created at Feb. 6, 2017, 4:17 p.m.

Python

6 +0

57 +0

13 +0

GitHub

codebro by hugsy

Web based code browser using clang to provide basic code analysis.

created at Oct. 29, 2012, 8:31 a.m.

HTML

6 +0

44 +0

6 +0

GitHub