box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

JavaScript

39 +0

620 +1

85 +1

GitHub
wdbgark by swwwolf

WinDBG Anti-RootKit Extension

created at Nov. 22, 2014, 10:53 a.m.

C++

63 +0

617 +1

178 +0

GitHub
hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

created at Oct. 1, 2016, 3:41 p.m.

Python

24 +0

617 +1

69 +0

GitHub
multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

Python

60 +0

616 +1

125 +0

GitHub
peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

YARA

53 +0

611 +0

139 +0

GitHub
glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

Python

51 +0

561 +0

168 -1

GitHub
malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

Python

56 +0

537 +0

198 +1

GitHub
Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

created at Nov. 29, 2018, 2:28 p.m.

C++

28 +0

529 +3

80 +0

GitHub
iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

created at April 17, 2018, 5:37 p.m.

Python

28 +0

510 +4

91 +0

GitHub
machinae by HurricaneLabs

Machinae Security Intelligence Collector

created at July 6, 2015, 3:14 p.m.

Python

38 +0

504 +0

101 +0

GitHub
PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

created at Sept. 27, 2013, 6:34 a.m.

Scala

44 +0

496 +0

95 +0

GitHub
chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

Python

71 +0

489 +0

112 +0

GitHub
iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

Unknown languages

161 +0

464 +1

117 +0

GitHub
RABCDAsm by CyberShadow

Robust ABC (ActionScript Bytecode) [Dis-]Assembler

created at May 5, 2010, 7:23 a.m.

D

38 +0

430 +0

92 +0

GitHub
Limon by monnappa22

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

created at Nov. 21, 2015, 8:37 a.m.

Python

38 +0

389 +0

115 +0

GitHub
pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

Python

32 +0

384 +1

95 +0

GitHub
VolUtility by kevthehermit

Web App for Volatility framework

created at March 21, 2016, 3:30 p.m.

Python

40 +0

380 +0

82 +0

GitHub
polichombr by ANSSI-FR

Collaborative malware analysis framework

created at May 31, 2016, 6:54 p.m.

Python

38 +0

375 +0

60 +0

GitHub
malheur by rieck

A Tool for Automatic Analysis of Malware Behavior

created at May 6, 2009, 10:03 a.m.

C

56 +0

369 +1

101 +0

GitHub
malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

Python

36 +0

368 +0

80 +0

GitHub