AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

created at Jan. 16, 2013, 2:04 p.m.

19 +0

201 +0

37 +0

IPinfo by hiddenillusion

Searches various online resources to try and get as much info about an IP/domain as possible.

created at Dec. 24, 2012, 5:50 p.m.

19 +0

95 +0

28 +0

mnemosyne by johnnykv

Normalizer for honeypot data.

created at Dec. 21, 2012, 11:45 a.m.

8 +0

44 +0

41 -1

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

52 +0

534 +2

174 +1

codebro by hugsy

Web based code browser using clang to provide basic code analysis.

created at Oct. 29, 2012, 8:31 a.m.

6 +0

43 +0

6 +0

Krakatau by Storyyeller

Java decompiler, assembler, and disassembler

created at Oct. 20, 2012, 1:36 a.m.

95 +0

1,936 +3

216 -50

chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

71 +0

487 +0

111 +0

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

206 +0

5,750 -2

789 +0

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

348 -1

6,134 +10

1,030 +2

pafish by a0rtega

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

created at July 1, 2012, 11:06 a.m.

174 +0

3,094 +5

454 +0

hashdeep by jessek

None

created at June 12, 2012, 11:35 a.m.

61 +0

687 +1

129 +0

malwarehouse by sroberts

A warehouse for your malware

created at June 12, 2012, 4:05 a.m.

22 +0

131 +0

43 +0

bulk_extractor by simsong

This is the development tree. Production downloads are at:

created at April 3, 2012, 4:36 a.m.

74 +0

1,011 +1

180 +0

udis86 by vmt

Disassembler Library for x86 and x86-64

created at March 6, 2012, 7:36 a.m.

85 +0

987 +2

297 -12

thug by buffer

Python low-interaction honeyclient

created at Feb. 20, 2012, 11:56 a.m.

75 +0

959 +2

204 +0

pdfxray_lite by 9b

Lite version of PDF X-RAY that uses no backend

created at Nov. 11, 2011, 4:49 a.m.

7 +0

34 +0

9 +0

de4dot by de4dot

.NET deobfuscator and unpacker.

created at Sept. 20, 2011, 1:50 a.m.

513 +1

6,751 +18

2,643 +2

Scylla by NtQuery

Imports Reconstructor

created at Sept. 13, 2011, 6:58 p.m.

55 +0

1,023 +1

220 +2

Zeus by Visgean

NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. This repository is for study purposes only, do not message me about your lame hacking attempts.

created at May 13, 2011, 10:18 p.m.

138 +0

1,354 +2

693 +1

inVtero.net by ShaneK2

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

created at April 29, 2011, 4:37 a.m.

31 +0

276 +0

57 +0