EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
created at Oct. 5, 2013, 8:59 p.m.
hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols
created at Aug. 31, 2015, 5:02 p.m.
Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds
created at March 30, 2014, 6:52 p.m.
Automatically exported from code.google.com/p/jsunpack-n
created at April 1, 2015, 11:51 p.m.
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
created at March 30, 2020, 1:52 p.m.
A Python library and command line tools to provide interactive log visualization.
created at Oct. 11, 2016, 3:33 p.m.
Minimal, consistent Python API for building integrations with malware sandboxes.
created at Jan. 16, 2018, 7:54 p.m.
Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.
created at Oct. 10, 2013, 1:42 p.m.
Reverse engineering tool for virtualization wrappers
created at June 28, 2013, 6:55 p.m.
A modular Python application to pull intelligence about malicious files
created at Aug. 30, 2016, 5:35 p.m.
A framework for receiving and redistributing abuse feeds
created at Nov. 25, 2015, 12:35 p.m.
BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
created at Nov. 24, 2019, 9:35 p.m.
Checks with NSRL RDS servers looking for for hash matches
created at March 2, 2013, 4:35 p.m.
Malware/IOC ingestion and processing engine
created at April 4, 2018, 10:05 p.m.