malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

56 +0

529 +0

201 -1

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

52 +0

530 +0

173 +0

hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

created at Oct. 1, 2016, 3:41 p.m.

22 +0

586 -1

69 -7

box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

39 +0

590 +1

83 +0

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

52 +0

594 +1

150 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

43 +0

602 +1

100 +0

wdbgark by swwwolf

WinDBG Anti-RootKit Extension

created at Nov. 22, 2014, 10:53 a.m.

61 +0

602 +1

176 +0

unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

created at Feb. 7, 2019, 4:39 p.m.

30 +1

606 +4

73 +1

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

609 +0

125 +0

javascript-malware-collection by HynekPetrak

Collection of almost 40.000 javascript malware samples

created at May 7, 2017, 7:17 p.m.

37 +0

630 +1

235 +0

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

30 +0

646 +2

123 +0

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

created at Feb. 21, 2014, 5:33 p.m.

90 +0

648 +1

179 +0

dionaea by DinoTools

Home of the dionaea honeypot

created at Dec. 21, 2015, 8:13 p.m.

44 +0

679 +2

182 +0

hashdeep by jessek

None

created at June 12, 2012, 11:35 a.m.

61 +0

685 -1

129 +0

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

698 +1

159 -9

laikaboss by lmco

Laika BOSS: Object Scanning System

created at June 12, 2015, 2:49 p.m.

132 +0

720 +0

155 +0

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

created at Jan. 12, 2017, 6:17 a.m.

55 +0

723 +1

220 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

60 +0

791 +4

168 +0

see by WithSecureOpenSource

Sandboxed Execution Environment

created at Oct. 26, 2015, 11:13 a.m.

57 +0

807 +0

104 +0

ngrep by jpr5

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

created at Dec. 30, 2009, 8:14 a.m.

22 +0

847 +0

98 -2