scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

Shell

43 +0

598 +0

101 +0

GitHub
unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

created at Feb. 7, 2019, 4:39 p.m.

Python

30 +0

590 +0

74 +0

GitHub
peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

YARA

52 +0

589 -1

150 +0

GitHub
hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

created at Oct. 1, 2016, 3:41 p.m.

Python

22 +0

587 +1

76 +0

GitHub
box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

JavaScript

39 +0

583 +1

90 +0

GitHub
malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

Python

56 +0

527 +0

201 +0

GitHub
glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

Python

52 +0

527 +0

172 +0

GitHub
machinae by HurricaneLabs

Machinae Security Intelligence Collector

created at July 6, 2015, 3:14 p.m.

Python

38 +0

494 +0

100 +0

GitHub
PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

created at Sept. 27, 2013, 6:34 a.m.

Java

43 +0

487 +0

95 +0

GitHub
chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

Python

71 +0

486 +0

111 +0

GitHub
Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

created at Nov. 29, 2018, 2:28 p.m.

C++

26 +0

484 +0

80 +0

GitHub
iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

created at April 17, 2018, 5:37 p.m.

Python

28 +0

481 +0

88 -1

GitHub
iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

Unknown languages

160 +0

460 +0

122 +0

GitHub
RABCDAsm by CyberShadow

Robust ABC (ActionScript Bytecode) [Dis-]Assembler

created at May 5, 2010, 7:23 a.m.

D

39 +0

419 +0

92 +0

GitHub
Limon by monnappa22

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

created at Nov. 21, 2015, 8:37 a.m.

Python

36 +0

384 +1

121 +0

GitHub
pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

Python

32 +0

377 +0

101 +0

GitHub
VolUtility by kevthehermit

Web App for Volatility framework

created at March 21, 2016, 3:30 p.m.

Python

40 +0

372 +0

81 +0

GitHub
polichombr by ANSSI-FR

Collaborative malware analysis framework

created at May 31, 2016, 6:54 p.m.

Python

38 +0

371 +0

64 +0

GitHub
malheur by rieck

A Tool for Automatic Analysis of Malware Behavior

created at May 6, 2009, 10:03 a.m.

C

56 +0

362 +1

100 +0

GitHub
malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

Python

36 +0

361 +0

83 +0

GitHub