DemonHunter by RevengeComing

Distributed Honeypot

created at Oct. 25, 2016, 5:43 a.m.

9 +0

58 +0

12 +0

hackers-grep by codypierce

hackers-grep is a utility to search for strings in PE executables including imports, exports, and debug symbols

created at Aug. 31, 2015, 5:02 p.m.

9 +0

165 +0

19 +0

mac-a-mal by phdphuc

The current repository contains all the scripts needed to build kernel-mode mac-a-mal malicious activity hooking on macOS.

created at March 12, 2018, 1:49 p.m.

10 +0

81 +0

24 +0

panda by moyix

Deprecated repo for PANDA 1.0 – see PANDA 2.0 repository

created at Nov. 22, 2016, 5:12 p.m.

10 +0

102 +0

42 +0

MalPipe by silascutler

Malware/IOC ingestion and processing engine

created at April 4, 2018, 10:05 p.m.

11 +0

102 +0

24 +0

muninn by ytisf

A short and small memory forensics helper.

created at July 26, 2014, 9:14 a.m.

11 +0

50 +0

9 +0

orochi by LDO-CERT

The Volatility Collaborative GUI

created at May 18, 2020, 2:01 p.m.

12 +0

190 +1

17 +0

sflock by hatching

Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.

created at Aug. 1, 2015, 12:56 a.m.

12 +0

81 +0

48 +1

boomerang by EmersonElectricCo

A tool designed for consistent and safe capture of off network web resources.

created at Feb. 16, 2017, 9:07 p.m.

12 +0

34 +0

6 +0

NoMoreXOR by hiddenillusion

Tool to help guess a files 256 byte XOR key by using frequency analysis

created at Jan. 22, 2013, 9:09 p.m.

12 +0

81 +0

20 +0

threataggregator by jpsenior

Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.

created at Feb. 27, 2015, 1:28 a.m.

12 +0

78 +0

27 +0

httpreplay by hatching

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

created at July 26, 2015, 6 a.m.

13 +0

94 +0

36 +0

nsrllookup by rjhansen

Checks with NSRL RDS servers looking for for hash matches

created at March 2, 2013, 4:35 p.m.

13 +0

107 +0

10 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

created at May 25, 2015, 7:48 p.m.

14 +0

175 -1

31 +0

TotalRecall by sketchymoose

Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.

created at Sept. 21, 2013, 12:14 p.m.

14 +0

49 +0

9 +0

Ragpicker by robbyFux

Ragpicker is a Plugin based malware crawler with pre-analysis and reporting functionalities. Use this tool if you are testing antivirus products, collecting malware for another analyzer/zoo.

created at July 3, 2015, 7:03 a.m.

15 +0

90 +0

25 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

created at Oct. 11, 2016, 3:33 p.m.

15 +0

134 +0

36 +0

jsunpack-n by urule99

Automatically exported from code.google.com/p/jsunpack-n

created at April 1, 2015, 11:51 p.m.

16 +0

157 +0

65 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

created at Aug. 30, 2016, 5:35 p.m.

17 +0

113 +0

25 +0

Hale by pjlantz

Botnet command & control monitor

created at June 2, 2010, 11:13 a.m.

17 +0

183 +0

63 +0