Manalyze by JusticeRage

A static analyzer for PE executables.

created at Aug. 16, 2015, 12:19 p.m.

64 +0

994 +0

160 +0

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

185 +0

7,214 +12

1,036 +4

fsf by EmersonElectricCo

File Scanning Framework

created at Aug. 6, 2015, 1:34 a.m.

35 +0

282 +1

49 +0

sflock by hatching

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

created at Aug. 1, 2015, 12:56 a.m.

12 +0

81 +0

48 +1

httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

created at July 26, 2015, 6 a.m.

13 +0

94 +0

36 +0

machinae by HurricaneLabs

Machinae Security Intelligence Collector

created at July 6, 2015, 3:14 p.m.

38 +0

495 +0

100 +0

Ragpicker by robbyFux

Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products, collecting malware for another analyzer/zoo.

created at July 3, 2015, 7:03 a.m.

15 +0

90 +0

25 +0

dnSpy by dnSpy

.NET debugger and assembly editor

created at July 1, 2015, 4:05 p.m.

982 +1

25,500 +43

4,898 +5

pharos by cmu-sei

Automated static analysis tools for binary programs

created at June 12, 2015, 5:51 p.m.

77 +0

1,483 +2

183 +0

laikaboss by lmco

Laika BOSS: Object Scanning System

created at June 12, 2015, 2:49 p.m.

132 +0

720 +0

155 +0

dnstwist by elceef

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

created at June 11, 2015, 12:24 p.m.

155 +0

4,544 +22

733 +3

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

14 +0

175 -1

31 +0

awesome-infosec by onlurking

A curated list of awesome infosec courses and training resources.

created at May 13, 2015, 10:20 p.m.

293 +0

4,970 +6

734 +0

cowrie by cowrie

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

created at May 12, 2015, 2:58 p.m.

123 +0

4,909 +2

847 +1

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

created at May 6, 2015, 3:11 p.m.

43 +0

279 +0

58 +0

SMRT by pidydx

Sublime Malware Research Tool

created at April 30, 2015, 4:22 p.m.

8 +0

64 +0

15 +0

VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

created at April 19, 2015, 12:30 a.m.

28 +0

192 +0

50 +0

PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

created at April 15, 2015, 11:02 p.m.

30 +0

261 -1

72 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

609 +0

125 +0