VolDiff by aim4r

VolDiff: Malware Memory Footprint Analysis based on Volatility

updated at March 26, 2024, 6:38 a.m.

28 +0

192 +0

50 +0

DAMM by 504ensicsLabs

Differential Analysis of Malware in Memory

updated at March 26, 2024, 4:23 p.m.

31 +0

209 +0

56 +0

sflock by hatching

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

updated at March 26, 2024, 7:45 p.m.

12 +0

81 +0

48 +1

httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

updated at March 26, 2024, 7:46 p.m.

13 +0

94 +0

36 +0

packerid by sooshie

None

updated at March 27, 2024, 10:19 a.m.

5 +0

40 +0

9 +0

multiscanner by mitre

Modular file scanning/analysis framework

updated at March 27, 2024, 10:41 a.m.

59 +0

609 +0

125 +0

machinae by HurricaneLabs

Machinae Security Intelligence Collector

updated at March 29, 2024, 2:06 p.m.

38 +0

495 +0

100 +0

CryptoKnight by AbertayMachineLearningGroup

Cryptographic Dataset Generation & Modelling Framework

updated at April 2, 2024, 6:43 a.m.

6 +0

38 +0

12 +0

jsunpack-n by urule99

Automatically exported from code.google.com/p/jsunpack-n

updated at April 3, 2024, 2:49 p.m.

16 +0

157 +0

65 +0

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

updated at April 4, 2024, 3:30 a.m.

36 +0

362 +0

83 +1

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

updated at April 4, 2024, 10:44 p.m.

38 +0

259 +0

42 +0

see by WithSecureOpenSource

Sandboxed Execution Environment

updated at April 6, 2024, 8:18 p.m.

57 +0

807 +0

104 +0

python-dshield by rshipp

Pythonic interface to the Internet Storm Center / DShield API.

updated at April 8, 2024, 1:07 a.m.

4 +0

24 +0

13 +0

hpfeeds by hpfeeds

Honeynet Project generic authenticated datafeed protocol

updated at April 8, 2024, 2:49 a.m.

30 +0

208 +0

110 +0

laikaboss by lmco

Laika BOSS: Object Scanning System

updated at April 8, 2024, 5:08 p.m.

132 +0

720 +0

155 +0

Ragpicker by robbyFux

Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products, collecting malware for another analyzer/zoo.

updated at April 12, 2024, 8:54 a.m.

15 +0

90 +0

25 +0

nsrllookup by rjhansen

Checks with NSRL RDS servers looking for for hash matches

updated at April 12, 2024, 8:49 p.m.

13 +0

107 +0

10 +0

AnalyzePE by hiddenillusion

Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

updated at April 12, 2024, 11:52 p.m.

19 +0

201 +0

37 +0

IPinfo by hiddenillusion

Searches various online resources to try and get as much info about an IP/domain as possible.

updated at April 14, 2024, 2:38 a.m.

19 +0

95 +0

28 +0

EVTXtract by williballenthin

EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.

updated at April 14, 2024, 1:56 p.m.

18 +0

173 +0

24 +0