honeytrap by honeytrap

Advanced Honeypot framework.

created at Feb. 8, 2017, 4:07 p.m.

50 +0

1,195 +1

178 +1

xortool by hellman

A tool to analyze multi-byte xor cipher

created at Jan. 18, 2011, 5:26 p.m.

48 +1

1,335 +0

170 +0

dionaea by DinoTools

Home of the dionaea honeypot

created at Dec. 21, 2015, 8:13 p.m.

44 +0

680 +1

182 +0

DC3-MWCP by Defense-Cyber-Crime-Center

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

created at May 6, 2015, 3:11 p.m.

43 +0

280 +1

58 +0

PortEx by katjahahn

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

created at Sept. 27, 2013, 6:34 a.m.

43 +0

487 +0

95 +0

scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

43 +0

603 +1

100 +0

quark-engine by quark-engine

Dig Vulnerabilities in the BlackBox

created at Oct. 22, 2019, 1:19 a.m.

41 +0

1,230 +3

163 +0

ioc_writer by mandiant

None

created at July 24, 2013, 6:33 p.m.

40 +0

199 +0

60 +0

VolUtility by kevthehermit

Web App for Volatility framework

created at March 21, 2016, 3:30 p.m.

40 +0

373 +0

81 +0

RABCDAsm by CyberShadow

Robust ABC (ActionScript Bytecode) [Dis-]Assembler

created at May 5, 2010, 7:23 a.m.

39 +0

419 +0

91 +0

box-js by CapacitorSet

A tool for studying JavaScript malware.

created at June 17, 2016, 4:38 p.m.

39 +0

594 +4

83 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

created at April 14, 2015, 1:26 a.m.

38 +0

259 +0

42 +0

machinae by HurricaneLabs

Machinae Security Intelligence Collector

created at July 6, 2015, 3:14 p.m.

38 +0

495 +0

100 +0

polichombr by ANSSI-FR

Collaborative malware analysis framework

created at May 31, 2016, 6:54 p.m.

38 +0

372 +0

64 +0

javascript-malware-collection by HynekPetrak

Collection of almost 40.000 javascript malware samples

created at May 7, 2017, 7:17 p.m.

37 +0

631 +1

235 +0

mailchecker by FGRibreau

Cross-language temporary (disposable/throwaway) email detection library. Covers 55 734+ fake email providers.

created at March 4, 2013, 3 p.m.

37 +0

1,568 -1

239 +1

Limon by monnappa22

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

created at Nov. 21, 2015, 8:37 a.m.

36 +0

383 +0

121 +0

malsub by diogo-fernan

A Python RESTful API framework for online malware analysis and threat intelligence services.

created at Feb. 27, 2015, 10:43 p.m.

36 +0

362 +0

83 +0

fsf by EmersonElectricCo

File Scanning Framework

created at Aug. 6, 2015, 1:34 a.m.

35 +0

282 +0

49 +0

aleph by merces

An Open Source Malware Analysis Pipeline System

created at July 29, 2013, 5:32 a.m.

35 +0

153 +0

53 +0