ghidra by NationalSecurityAgency

Ghidra is a software reverse engineering (SRE) framework

created at March 1, 2019, 3:27 a.m.

1,022 -1

48,977 +156

5,633 +5

radare2 by radareorg

UNIX-like reverse engineering framework and command-line toolset

created at July 3, 2012, 7:42 a.m.

486 +0

19,900 +40

2,951 +0

atomic-red-team by redcanaryco

Small and highly portable detection tests based on MITRE's ATT&CK.

created at Oct. 11, 2017, 5:23 p.m.

349 -1

9,293 +24

2,706 +6

sigma by SigmaHQ

Main Sigma Rule Repository

created at Dec. 24, 2016, 9:48 a.m.

331 +1

7,825 +25

2,119 +1

cuckoo by cuckoosandbox

Cuckoo Sandbox is an automated dynamic malware analysis system

created at Sept. 7, 2011, 12:12 p.m.

437 +0

5,458 +3

1,693 +0

sysmon-config by SwiftOnSecurity

Sysmon configuration file template with default high-quality event tracing

created at Feb. 1, 2017, 6:49 p.m.

357 -1

4,628 +7

1,681 +2

volatility by volatilityfoundation

An advanced memory forensics framework

created at April 24, 2014, 3:45 p.m.

307 +0

7,024 +13

1,258 +4

cutter by rizinorg

Free and Open Source Reverse Engineering Platform powered by rizin

created at Sept. 25, 2017, 9:50 a.m.

298 -2

15,288 +27

1,135 +0

caldera by mitre

Automated Adversary Emulation Platform

created at Nov. 29, 2017, 1:25 a.m.

166 +0

5,306 +14

1,028 -1

flare-vm by mandiant

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

created at July 5, 2017, 9:17 p.m.

202 +1

6,061 +36

878 +1

ThreatHunter-Playbook by OTRF

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

created at March 28, 2017, 3:07 a.m.

369 +0

3,911 +6

798 +0

grr by google

GRR Rapid Response: remote live forensics for incident response

created at Dec. 4, 2013, 12:17 a.m.

317 +0

4,686 +5

760 +0

HELK by Cyb3rWard0g

The Hunting ELK

created at March 14, 2017, 7:14 p.m.

214 +0

3,722 +2

676 +1

awesome-forensics by cugu

A curated list of awesome forensic analysis tools and resources

created at March 29, 2016, 8:54 p.m.

167 +0

3,690 +22

598 +2

timesketch by google

Collaborative forensic timeline analysis

created at June 19, 2014, 5:49 p.m.

137 +0

2,522 +5

577 +0

Loki by Neo23x0

Loki - Simple IOC and YARA Scanner

created at Jan. 18, 2015, 8:39 a.m.

186 +0

3,276 +5

576 +1

sysmon-modular by olafhartong

A repository of sysmon configuration modules

created at Jan. 13, 2018, 9:20 p.m.

165 +1

2,543 +5

572 +0

security-onion by Security-Onion-Solutions

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

created at March 24, 2015, 8:15 p.m.

301 +0

3,055 +0

517 -1

DidierStevensSuite by DidierStevens

Please no pull requests for this repository. Thanks!

created at May 8, 2015, 11:21 a.m.

124 +1

1,885 +6

506 +1

capa by mandiant

The FLARE team's open-source tool to identify capabilities in executable files.

created at June 16, 2020, 9:24 p.m.

80 +0

3,967 +12

496 +0