iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

160 +0

460 +0

116 +0

DAMM by 504ensicsLabs

Differential Analysis of Malware in Memory

created at Sept. 16, 2014, 5:32 p.m.

31 +0

209 +0

56 +0

bytecode-viewer by Konloch

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

created at Oct. 14, 2014, 10:26 a.m.

377 +0

14,344 +14

1,127 +3

barf-project by programa-stic

BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework

created at Oct. 23, 2014, 2:33 p.m.

70 +0

1,387 +1

182 +0

bap by BinaryAnalysisPlatform

Binary Analysis Platform

created at Oct. 30, 2014, 11:59 a.m.

91 +0

1,978 +4

271 -1

vivisect by vivisect

None

created at Nov. 14, 2014, 6:28 p.m.

69 +0

896 +3

184 -10

wdbgark by swwwolf

WinDBG Anti-RootKit Extension

created at Nov. 22, 2014, 10:53 a.m.

61 +0

602 +1

176 +0

packerid by sooshie

None

created at Dec. 3, 2014, 9:31 p.m.

5 +0

40 +0

9 +0

maltrail by stamparm

Malicious traffic detection system

created at Dec. 4, 2014, 9:33 p.m.

228 +0

5,753 +12

994 +1

HashCheck by gurnec

HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

created at Dec. 5, 2014, 2:58 a.m.

72 +0

1,681 +6

193 +0

broyara by hempnall

integrating bro into yara

created at Dec. 8, 2014, 10:29 p.m.

5 +0

31 +0

5 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

60 +0

791 +4

168 +0

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

698 +1

159 -9

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

187 +0

3,226 +7

572 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

created at Jan. 21, 2015, 10:57 p.m.

27 +0

324 -2

59 +0

python-evt by williballenthin

Pure Python parser for classic Windows Event Log files (.evt)

created at Jan. 24, 2015, 4:07 p.m.

5 +0

41 +1

12 +0

PyIOCe by pidydx

Python OpenIOC Editor

created at Feb. 5, 2015, 8:28 p.m.

3 +0

16 +0

7 +0

threataggregator by jpsenior

Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.

created at Feb. 27, 2015, 1:28 a.m.

12 +0

78 +0

27 +0

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

36 +0

362 +0

83 +1

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

created at March 9, 2015, 6:52 a.m.

8 +0

76 -1

22 +0