awesome-yara by InQuest

A curated list of awesome YARA rules, tools, and people.

created at Aug. 23, 2017, 6:55 p.m.

170 +0

3,273 +8

468 -1

pafish by a0rtega

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

created at July 1, 2012, 11:06 a.m.

174 +0

3,094 +5

454 +0

angr by angr

A powerful and user-friendly binary analysis platform!

created at Aug. 6, 2015, 9:46 p.m.

185 +0

7,243 +17

1,039 +2

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

187 +0

3,251 +3

575 +1

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

199 +1

5,893 +18

868 +3

peda by longld

PEDA - Python Exploit Development Assistance for GDB

created at Aug. 3, 2012, 6:26 a.m.

206 +0

5,750 -2

789 +0

data by aptnotes

APTnotes data

created at April 1, 2016, 2:44 p.m.

210 +0

1,618 +2

273 +1

binnavi by google

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

created at Aug. 19, 2015, 12:20 p.m.

221 +0

2,862 +1

452 +0

maltrail by stamparm

Malicious traffic detection system

created at Dec. 4, 2014, 9:33 p.m.

230 +2

5,784 +17

997 +3

al-khaser by LordNoteworthy

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

created at Nov. 12, 2015, 6:35 p.m.

238 +0

5,544 +8

1,135 +2

mhn by pwnlandia

Modern Honey Network

created at May 28, 2014, 11:35 p.m.

243 +0

2,410 +2

630 +0

MISP by MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

created at Feb. 7, 2013, 5:10 p.m.

275 -1

5,012 +9

1,344 +4

awesome-infosec by onlurking

A curated list of awesome infosec courses and training resources.

created at May 13, 2015, 10:20 p.m.

294 +0

4,988 +12

733 +0

capstone by capstone-engine

Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), BPF, Ethereum VM, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.

created at Nov. 27, 2013, 2:32 a.m.

303 +0

7,063 +15

1,505 +4

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

308 +0

6,948 +9

1,252 +2

Malware by RPISEC

Course materials for Malware Analysis by RPISEC

created at Jan. 8, 2016, 4:10 p.m.

329 +0

3,617 +0

778 +0

arkime by arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

created at July 6, 2012, 4:10 p.m.

348 -1

6,134 +10

1,030 +2

rules by Yara-Rules

Repository of yara rules

created at April 11, 2015, 5:56 a.m.

349 +0

3,977 +3

982 -1

pics by corkami

File formats dissections and more...

created at March 26, 2015, 4:38 p.m.

360 +0

10,327 +8

738 +1

binwalk by ReFirmLabs

Firmware Analysis Tool

created at Nov. 15, 2013, 8:45 p.m.

369 +0

10,194 +12

1,473 +2