DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
updated at April 26, 2024, 1:03 p.m.
Collection of almost 40.000 javascript malware samples
updated at April 25, 2024, 1:46 p.m.
A machine learning tool that ranks strings based on their relevance for malware analysis.
updated at April 25, 2024, 12:46 p.m.
Pure Python parser for classic Windows Event Log files (.evt)
updated at April 25, 2024, 3:18 a.m.
Cross-language temporary (disposable/throwaway) email detection library. Covers 55 734+ fake email providers.
updated at April 24, 2024, 10:29 p.m.
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
updated at April 24, 2024, 9:55 p.m.
Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
updated at April 24, 2024, 9:27 p.m.
Minimal, consistent Python API for building integrations with malware sandboxes.
updated at April 24, 2024, 6:58 p.m.
Collaborative malware analysis framework
updated at April 24, 2024, 5:45 p.m.