quark-engine by quark-engine

Dig Vulnerabilities in the BlackBox

created at Oct. 22, 2019, 1:19 a.m.

41 +0

1,231 +1

163 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

43 +0

603 +0

100 +0

PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

created at Sept. 27, 2013, 6:34 a.m.

43 +0

487 +0

95 +0

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

created at May 6, 2015, 3:11 p.m.

43 +0

280 +0

58 +0

dionaea by DinoTools

Home of the dionaea honeypot

created at Dec. 21, 2015, 8:13 p.m.

44 +0

681 +1

183 +1

xortool by hellman

A tool to analyze multi-byte xor cipher

created at Jan. 18, 2011, 5:26 p.m.

48 +0

1,336 +1

170 +0

honeytrap by honeytrap

Advanced Honeypot framework.

created at Feb. 8, 2017, 4:07 p.m.

50 +0

1,194 -1

177 -1

ember by elastic

Elastic Malware Benchmark for Empowering Researchers

created at April 11, 2018, 5:48 p.m.

51 +0

899 +0

270 +1

glastopf by mushorg

Web Application Honeypot

created at Nov. 15, 2012, 9:57 p.m.

52 +0

534 +2

174 +1

peframe by guelfoweb

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

created at March 12, 2014, 11:23 p.m.

52 +0

594 -1

150 +0

pyinstxtractor by extremecoders-re

PyInstaller Extractor

created at March 25, 2020, 11:24 a.m.

54 +0

2,470 +27

573 +8

Scylla by NtQuery

Imports Reconstructor

created at Sept. 13, 2011, 6:58 p.m.

55 +0

1,023 +1

220 +2

HaboMalHunter by Tencent

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

created at Jan. 12, 2017, 6:17 a.m.

55 +0

722 +0

220 +0

massive-octo-spice by csirtgadgets

DEPRECATED - USE v3 (bearded-avenger)

created at Jan. 6, 2014, 1:02 p.m.

56 +0

227 +0

62 +0

malheur by rieck

A Tool for Automatic Analysis of Malware Behavior

created at May 6, 2009, 10:03 a.m.

56 +0

363 +1

101 +0

malSploitBase by misterch0c

Malware exploits

created at Jan. 3, 2016, 8:16 p.m.

56 +0

530 +0

201 +0

cuckoo-modified by brad-accuvant

Modified edition of cuckoo

created at July 30, 2014, 6:10 p.m.

57 +0

268 +1

103 +0

see by WithSecureOpenSource

Sandboxed Execution Environment

created at Oct. 26, 2015, 11:13 a.m.

57 +0

806 -1

104 +0

multiscanner by mitre

Modular file scanning/analysis framework

created at April 13, 2015, 2:58 p.m.

59 +0

610 +0

126 +1

DECAF by decaf-project

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.

created at Dec. 17, 2014, 1:53 a.m.

60 +0

791 +0

168 +0