DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
updated at April 26, 2024, 1:03 p.m.
Reverse engineering tool for virtualization wrappers
updated at April 28, 2024, 11:32 p.m.
Pythonic interface to the Internet Storm Center / DShield API.
updated at April 30, 2024, 8:17 p.m.
DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.
updated at May 2, 2024, 3:15 p.m.
HaboMalHunter is a sub-project of the Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on Linux systems.
updated at May 4, 2024, 10:32 a.m.
Defanged Indicator of Compromise (IOC) Extractor.
updated at May 4, 2024, 11:14 a.m.
Visualize network topologies and collect graph statistics based on pcap files
updated at May 4, 2024, 5:21 p.m.