memscrimper
Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-85.47%)
Mutual labels: malware, forensics
Artifacts Kit
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
Stars: ✭ 99 (-42.44%)
Mutual labels: malware, forensics
Ir Rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+80.81%)
Mutual labels: malware, forensics
Awesome Hacking
Awesome Hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+947.67%)
Mutual labels: malware, forensics
Malconfscan
Volatility plugin for extracting configuration data of known malware
Stars: ✭ 327 (+90.12%)
Mutual labels: malware, forensics
Mba
Malware Behavior Analyzer
Stars: ✭ 125 (-27.33%)
Mutual labels: malware, forensics
Filewatcher
A simple auditing utility for macOS
Stars: ✭ 233 (+35.47%)
Mutual labels: malware
VX-API
Collection of various malicious functionality to aid in malware development
Stars: ✭ 904 (+425.58%)
Mutual labels: malware
Kicomav
KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Stars: ✭ 227 (+31.98%)
Mutual labels: malware
Threat Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+27.33%)
Mutual labels: malware
IAT API
Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file.
Stars: ✭ 63 (-63.37%)
Mutual labels: malware
Kernel-dll-injector
Kernel-mode driver that loads a DLL into every newly created process that loads the kernel32.dll module
Stars: ✭ 256 (+48.84%)
Mutual labels: malware
rhino
Agile sandbox for analyzing Windows, Linux and macOS malware and execution behaviors
Stars: ✭ 49 (-71.51%)
Mutual labels: malware
Malware Samples
Malware samples, analysis exercises and other interesting resources.
Stars: ✭ 241 (+40.12%)
Mutual labels: malware
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+4577.91%)
Mutual labels: forensics
Elfparser
Cross-platform ELF analysis
Stars: ✭ 228 (+32.56%)
Mutual labels: malware
windows-defender
Malice Windows Defender AntiVirus Plugin
Stars: ✭ 31 (-81.98%)
Mutual labels: malware
Lime Crypter
Simple obfuscation tool
Stars: ✭ 217 (+26.16%)
Mutual labels: malware
Runpe In Memory
Run an EXE file (PE module) in memory (like an application loader)
Stars: ✭ 249 (+44.77%)
Mutual labels: malware
CCXDigger
The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-73.84%)
Mutual labels: forensics