cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

57 +0

267 +0

103 +0

see by WithSecureOpenSource

Sandboxed Execution Environment

created at Oct. 26, 2015, 11:13 a.m.

57 +0

807 +0

104 +0

hpfeeds by hpfeeds

Honeynet Project generic authenticated datafeed protocol

created at April 4, 2011, 3:19 p.m.

30 +0

208 +0

110 +0

chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

71 +0

487 +1

111 +0

iocs by mandiant

FireEye Publicly Shared Indicators of Compromise (IOCs)

created at Aug. 29, 2014, 12:47 a.m.

160 +0

460 +0

116 +0

Limon by monnappa22

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

created at Nov. 21, 2015, 8:37 a.m.

36 +0

383 -1

121 +0

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

30 +0

646 +2

123 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

609 +0

125 +0

hashdeep by jessek

None

created at June 12, 2012, 11:35 a.m.

61 +0

685 -1

129 +0

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

52 +0

594 +1

150 +0

laikaboss by lmco

Laika BOSS: Object Scanning System

created at June 12, 2015, 2:49 p.m.

132 +0

720 +0

155 +0

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

698 +1

159 -9

Manalyze by JusticeRage

A static analyzer for PE executables.

created at Aug. 16, 2015, 12:19 p.m.

64 +0

994 +0

160 +0

quark-engine by quark-engine

Dig Vulnerabilities in the BlackBox

created at Oct. 22, 2019, 1:19 a.m.

41 +0

1,227 +3

163 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

60 +0

791 +4

168 +0

xortool by hellman

A tool to analyze multi-byte xor cipher

created at Jan. 18, 2011, 5:26 p.m.

47 +0

1,335 +2

170 +0

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

52 +0

530 +0

173 +0

wdbgark by swwwolf

WinDBG Anti-RootKit Extension

created at Nov. 22, 2014, 10:53 a.m.

61 +0

602 +1

176 +0

honeytrap by honeytrap

Advanced Honeypot framework.

created at Feb. 8, 2017, 4:07 p.m.

50 +0

1,194 +1

177 +0

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

created at Feb. 21, 2014, 5:33 p.m.

90 +0

648 +1

179 +0