wdbgark by swwwolf

WinDBG Anti-RootKit Extension

updated at April 25, 2024, 6:16 a.m.

61 +0

602 +0

176 +0

chopshop by MITRECND

Protocol Analysis/Decoder Framework

updated at April 25, 2024, 11:31 a.m.

71 +0

487 +0

111 +0

unipacker by unipacker

Automatic and platform-independent unpacker for Windows binaries based on emulation

updated at April 26, 2024, 10:23 a.m.

30 +0

606 +0

73 +0

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

updated at April 26, 2024, 1:03 p.m.

60 +0

791 +0

168 +0

fsf by EmersonElectricCo

File Scanning Framework

updated at April 26, 2024, 10:29 p.m.

35 +0

282 +0

49 +0

hachoir by vstinner

Hachoir is a Python library to view and edit a binary stream field by field

updated at April 27, 2024, 4:06 p.m.

22 +0

586 +0

69 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

updated at April 28, 2024, 4:34 p.m.

43 +0

603 +0

100 +0

VirtualDeobfuscator by jnraber

Reverse engineering tool for virtualization wrappers

updated at April 28, 2024, 11:32 p.m.

7 +0

123 +0

24 +0

python-dshield by rshipp

Pythonic interface to the Internet Storm Center / DShield API.

updated at April 30, 2024, 8:17 p.m.

4 +0

23 +0

13 +0

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

updated at May 2, 2024, 3:15 p.m.

43 +0

280 +0

58 +0

muninn by ytisf

A short and small memory forensics helper.

updated at May 4, 2024, 12:45 a.m.

11 +0

51 +0

9 +0

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

updated at May 4, 2024, 10:32 a.m.

55 +0

722 +0

220 +0

iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

updated at May 4, 2024, 11:14 a.m.

28 +0

487 +0

89 +1

PcapViz by mateuszk87

Visualize network topologies and collect graph statistics based on pcap files

updated at May 4, 2024, 5:21 p.m.

27 +0

326 +0

59 +0

mastiff by KoreLogicSecurity

Malware static analysis framework

updated at May 4, 2024, 9:59 p.m.

18 +0

173 +0

39 +0

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

updated at May 4, 2024, 11:03 p.m.

51 +0

899 +0

270 +1

machinae by HurricaneLabs

Machinae Security Intelligence Collector

updated at May 5, 2024, noon

38 +0

496 +1

101 +1

see by WithSecureOpenSource

Sandboxed Execution Environment

updated at May 5, 2024, 4:03 p.m.

57 +0

806 -1

104 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

updated at May 5, 2024, 11:48 p.m.

14 +0

176 +1

31 +0

glastopf by mushorg

Web Application Honeypot

updated at May 6, 2024, 6:58 a.m.

52 +0

534 +2

174 +1