HaboMalHunter by Tencent

HaboMalHunter is a sub-project of the Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on Linux systems.

created at Jan. 12, 2017, 6:17 a.m.

Python

55 +0

722 +0

220 +0

GitHub
python-icap-yara by RamadhanAmizudin

An ICAP Server with yara scanner for URL and content.

created at Feb. 6, 2017, 4:17 p.m.

Python

6 +0

56 +0

13 +0

GitHub
honeytrap by honeytrap

Advanced Honeypot framework.

created at Feb. 8, 2017, 4:07 p.m.

Go

50 +0

1,194 -1

177 -1

GitHub
boomerang by EmersonElectricCo

A tool designed for consistent and safe capture of off network web resources.

created at Feb. 16, 2017, 9:07 p.m.

Python

12 +0

34 +0

6 +0

GitHub
javascript-malware-collection by HynekPetrak

Collection of almost 40,000 JavaScript malware samples

created at May 7, 2017, 7:17 p.m.

JavaScript

37 +0

632 +1

236 +1

GitHub
flare-vm by mandiant

A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

PowerShell

199 +1

5,893 +18

868 +3

GitHub
pyrebox by Cisco-Talos

Python-scriptable reverse engineering sandbox: a virtual machine instrumentation and inspection framework based on QEMU.

created at July 7, 2017, 3:41 p.m.

C

95 +0

1,638 -1

249 +0

GitHub
binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

created at July 12, 2017, 9:27 p.m.

Python

74 +0

1,380 -2

201 +0

GitHub
awesome-yara by InQuest

A curated list of awesome YARA rules, tools, and people.

created at Aug. 23, 2017, 6:55 p.m.

Unknown languages

170 +0

3,273 +8

468 -1

GitHub
sandboxapi by InQuest

Minimal, consistent Python API for building integrations with malware sandboxes.

created at Jan. 16, 2018, 7:54 p.m.

Python

21 +0

131 +0

39 +0

GitHub
mac-a-mal by phdphuc

This repository contains all the scripts needed to build mac-a-mal, a kernel-mode malicious-activity hooking component for macOS.

created at March 12, 2018, 1:49 p.m.

C

10 +0

82 +1

24 +0

GitHub
MalPipe by silascutler

Malware/IOC ingestion and processing engine

created at April 4, 2018, 10:05 p.m.

Python

11 +0

102 +0

24 +0

GitHub
ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

Jupyter Notebook

51 +0

899 +0

270 +1

GitHub
iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

created at April 17, 2018, 5:37 p.m.

Python

28 +0

487 +0

89 +1

GitHub
CryptoKnight by AbertayMachineLearningGroup

Cryptographic Dataset Generation & Modelling Framework

created at Sept. 2, 2018, 3:15 p.m.

Python

6 +0

38 +0

12 +0

GitHub
Nauz-File-Detector by horsicq

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

created at Nov. 29, 2018, 2:28 p.m.

C++

26 +0

486 +0

80 +0

GitHub
unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

created at Feb. 7, 2019, 4:39 p.m.

Python

30 +0

606 +0

73 +0

GitHub
ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

Java

1,023 +2

47,946 +132

5,556 +14

GitHub
Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

created at May 13, 2019, 6:35 p.m.

Python

18 +0

314 +1

50 +0

GitHub
BoomBox by nbeede

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

created at July 31, 2019, 8:23 p.m.

PowerShell

8 +0

231 +0

39 +0

GitHub