Limon by monnappa22

Limon is a sandbox developed as a research project, written in Python, which automatically collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic, and memory analysis using open source tools.

updated at April 24, 2024, 5:25 p.m.

Python

36 +0

383 -1

121 +0

GitHub

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

updated at April 24, 2024, 5:25 p.m.

C++

14 +0

175 -1

31 +0

GitHub

MaltegoVT by michael-yip

A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to speed up resolutions.

updated at April 24, 2024, 5:25 p.m.

Python

8 +0

76 -1

22 +0

GitHub

PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

updated at April 24, 2024, 5:24 p.m.

Java

43 +0

487 -1

95 +0

GitHub

aleph by merces

An Open Source Malware Analysis Pipeline System

updated at April 24, 2024, 5:24 p.m.

CSS

35 +0

153 -1

53 +0

GitHub

Zeus by Visgean

NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. This repository is for study purposes only, do not message me about your lame hacking attempts.

updated at April 24, 2024, 5:24 p.m.

C

138 +0

1,349 -1

692 +0

GitHub

pyew by joxeankoret

Official repository for Pyew.

updated at April 24, 2024, 1:04 p.m.

Python

32 +0

379 +1

101 +0

GitHub

combine by mlsecproject

Tool to gather Threat Intelligence indicators from publicly available sources

updated at April 24, 2024, 11:48 a.m.

Python

90 +0

648 +1

179 +0

GitHub

Malcolm by idaholab

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

updated at April 24, 2024, 9:44 a.m.

Python

18 +0

310 +1

49 +1

GitHub

binaryalert by airbnb

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

updated at April 24, 2024, 7:36 a.m.

Python

74 +0

1,380 -1

201 +0

GitHub

PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

updated at April 23, 2024, 10:34 p.m.

C++

30 +0

261 -1

72 +0

GitHub

hashdeep by jessek

updated at April 23, 2024, 10:24 p.m.

C++

61 +0

685 -1

129 +0

GitHub

malware-persistence by Karneades

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

updated at April 23, 2024, 3:57 p.m.

Unknown languages

8 +0

154 +1

17 +0

GitHub

pyrebox by Cisco-Talos

Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU

updated at April 23, 2024, 3:34 p.m.

C

95 +0

1,638 +2

249 +0

GitHub

Noriben by Rurik

Noriben - Portable, Simple, Malware Analysis Sandbox

updated at April 23, 2024, 5:57 a.m.

Python

90 +0

1,071 +1

221 +0

GitHub

box-js by CapacitorSet

A tool for studying JavaScript malware.

updated at April 23, 2024, 4:04 a.m.

JavaScript

39 +0

590 +1

83 +0

GitHub

honeytrap by honeytrap

Advanced Honeypot framework.

updated at April 22, 2024, 7:09 a.m.

Go

50 +0

1,194 +1

177 +0

GitHub

CapTipper by omriher

Malicious HTTP traffic explorer

updated at April 21, 2024, 11:47 a.m.

Python

63 +0

698 +1

159 -9

GitHub

malcom by tomchop

Malcom - Malware Communications Analyzer

updated at April 20, 2024, 3:39 p.m.

Python

132 +0

1,138 +0

214 -1

GitHub

Manalyze by JusticeRage

A static analyzer for PE executables.

updated at April 20, 2024, 10:48 a.m.

YARA

64 +0

994 +0

160 +0

GitHub