PackerAttacker by BromiumLabs

C++ application that uses memory and code hooks to detect packers

created at April 15, 2015, 11:02 p.m.

30 +0

262 +1

72 +1

hpfeeds by hpfeeds

Honeynet Project generic authenticated datafeed protocol

created at April 4, 2011, 3:19 p.m.

30 +0

208 +0

110 +0

stringsifter by mandiant

A machine learning tool that ranks strings based on their relevance for malware analysis.

created at Sept. 5, 2019, 1:02 p.m.

30 +0

644 +0

123 +0

ROPMEMU by Cisco-Talos

ROPMEMU is a framework to analyze, dissect and decompile complex code-reuse attacks.

created at May 24, 2016, 5:04 p.m.

31 +0

280 +0

50 +0

DAMM by 504ensicsLabs

Differential Analysis of Malware in Memory

created at Sept. 16, 2014, 5:32 p.m.

31 +0

209 +0

56 +0

inVtero.net by ShaneK2

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

created at April 29, 2011, 4:37 a.m.

31 +0

276 +0

57 +0

pyew by joxeankoret

Official repository for Pyew.

created at March 12, 2015, 5:05 p.m.

32 +0

378 +1

101 +0

fsf by EmersonElectricCo

File Scanning Framework

created at Aug. 6, 2015, 1:34 a.m.

35 +0

281 +0

49 +0

aleph by merces

An Open Source Malware Analysis Pipeline System

created at July 29, 2013, 5:32 a.m.

35 +0

154 +0

53 +0

Limon by monnappa22

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

created at Nov. 21, 2015, 8:37 a.m.

36 +0

384 +0

121 +0

mailchecker by FGRibreau

Cross-language temporary (disposable/throwaway) email detection library. Covers 55 734+ fake email providers.

created at March 4, 2013, 3 p.m.

36 +0

1,566 +1

239 +1

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

36 +0

362 +0

82 +0

javascript-malware-collection by HynekPetrak

Collection of almost 40.000 javascript malware samples

created at May 7, 2017, 7:17 p.m.

37 +0

629 +1

235 +1

polichombr by ANSSI-FR

Collaborative malware analysis framework

created at May 31, 2016, 6:54 p.m.

38 +0

371 +0

64 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

machinae by HurricaneLabs

Machinae Security Intelligence Collector

created at July 6, 2015, 3:14 p.m.

38 +0

495 +0

100 +0

RABCDAsm by CyberShadow

Robust ABC (ActionScript Bytecode) [Dis-]Assembler

created at May 5, 2010, 7:23 a.m.

39 +0

419 +0

91 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

39 +0

589 +1

83 +0

VolUtility by kevthehermit

Web App for Volatility framework

created at March 21, 2016, 3:30 p.m.

40 +0

373 +0

81 +0

ioc_writer by mandiant

None

created at July 24, 2013, 6:33 p.m.

40 +0

199 +1

60 +0