ioc_writer by mandiant

None

updated at April 14, 2024, 7:25 p.m.

40 +0

199 +0

60 +0

malSploitBase by misterch0c

Malware exploits

updated at April 14, 2024, 10:29 p.m.

56 +0

529 +0

201 -1

iocextract by InQuest

Defanged Indicator of Compromise (IOC) Extractor.

updated at April 15, 2024, 8:24 p.m.

28 +0

485 +0

88 +0

Hale by pjlantz

Botnet command & control monitor

updated at April 16, 2024, 7:42 p.m.

17 +0

183 +0

63 +0

glastopf by mushorg

Web Application Honeypot

updated at April 18, 2024, 3:10 a.m.

52 +0

530 +0

173 +0

VirtualDeobfuscator by jnraber

Reverse engineering tool for virtualization wrappers

updated at April 19, 2024, 3:16 a.m.

7 +0

122 +0

24 +0

ngrep by jpr5

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

updated at April 19, 2024, 4:50 p.m.

22 +0

847 +0

98 -2

Manalyze by JusticeRage

A static analyzer for PE executables.

updated at April 20, 2024, 10:48 a.m.

64 +0

994 +0

160 +0

malcom by tomchop

Malcom - Malware Communications Analyzer

updated at April 20, 2024, 3:39 p.m.

132 +0

1,138 +0

214 -1

CapTipper by omriher

Malicious HTTP traffic explorer

updated at April 21, 2024, 11:47 a.m.

63 +0

698 +1

159 -9

honeytrap by honeytrap

Advanced Honeypot framework.

updated at April 22, 2024, 7:09 a.m.

50 +0

1,194 +1

177 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

updated at April 23, 2024, 4:04 a.m.

39 +0

590 +1

83 +0

Noriben by Rurik

Noriben - Portable, Simple, Malware Analysis Sandbox

updated at April 23, 2024, 5:57 a.m.

90 +0

1,071 +1

221 +0

pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

updated at April 23, 2024, 3:34 p.m.

95 +0

1,638 +2

249 +0

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

updated at April 23, 2024, 3:57 p.m.

8 +0

154 +1

17 +0

hashdeep by jessek

None

updated at April 23, 2024, 10:24 p.m.

61 +0

685 -1

129 +0

PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

updated at April 23, 2024, 10:34 p.m.

30 +0

261 -1

72 +0

binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

updated at April 24, 2024, 7:36 a.m.

74 +0

1,380 -1

201 +0

Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

updated at April 24, 2024, 9:44 a.m.

18 +0

310 +1

49 +1

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

updated at April 24, 2024, 11:48 a.m.

90 +0

648 +1

179 +0