ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
created at Dec. 30, 2009, 8:14 a.m.
DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
created at Dec. 17, 2014, 1:53 a.m.
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
created at Jan. 12, 2017, 6:17 a.m.
A machine learning tool that ranks strings based on their relevance for malware analysis.
created at Sept. 5, 2019, 1:02 p.m.
Collection of almost 40.000 javascript malware samples
created at May 7, 2017, 7:17 p.m.
Tool to gather Threat Intelligence indicators from publicly available sources
created at Feb. 21, 2014, 5:33 p.m.