laikaboss by lmco

Laika BOSS: Object Scanning System

created at June 12, 2015, 2:49 p.m.

132 +0

720 +1

155 +0

dnstwist by elceef

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

created at June 11, 2015, 12:24 p.m.

156 +0

4,570 +16

735 +1

cowrie by cowrie

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

created at May 12, 2015, 2:58 p.m.

123 +0

4,924 +13

850 +1

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

created at May 6, 2015, 3:11 p.m.

43 +0

280 +0

58 +0

SMRT by pidydx

Sublime Malware Research Tool

created at April 30, 2015, 4:22 p.m.

8 +0

64 +0

15 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

192 +0

50 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

610 +0

126 +1

jsunpack-n by urule99

Automatically exported from code.google.com/p/jsunpack-n

created at April 1, 2015, 11:51 p.m.

16 +0

157 +0

65 +0

gef by hugsy

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

created at March 26, 2015, 10:25 p.m.

134 +0

6,518 +19

710 +3

pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

32 +0

379 +0

101 +0

plasma by plasma-disassembler

Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.

created at March 9, 2015, 9:16 p.m.

149 +0

3,043 +1

278 +0

ThreatTracker by michael-yip

ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a set of Google Custom Search Engines.

created at March 9, 2015, 7:19 a.m.

7 +0

62 +0

13 +0

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

created at March 9, 2015, 6:52 a.m.

8 +0

76 +0

22 +0

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

36 +0

362 +0

83 +0

threataggregator by jpsenior

Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.

created at Feb. 27, 2015, 1:28 a.m.

12 +0

78 +0

27 +0

PyIOCe by pidydx

Python OpenIOC Editor

created at Feb. 5, 2015, 8:28 p.m.

3 +0

16 +0

7 +0

python-evt by williballenthin

Pure Python parser for classic Windows Event Log files (.evt)

created at Jan. 24, 2015, 4:07 p.m.

5 +0

42 +1

12 +0

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

created at Jan. 21, 2015, 10:57 p.m.

27 +0

326 +0

59 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

187 +0

3,251 +3

575 +1

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

699 +1

159 +0