andreafortuna / malhunt

Licence: other
Hunt malware with Volatility

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to malhunt

calamity
A script to assist in processing forensic RAM captures for malware triage
Stars: ✭ 24 (-20%)
Mutual labels:  malware-analysis, volatility
malware-writeups
Personal research and publication on malware families
Stars: ✭ 104 (+246.67%)
Mutual labels:  malware-analysis
MCAntiMalware
Anti-Malware for minecraft
Stars: ✭ 182 (+506.67%)
Mutual labels:  malware-analysis
vminspect
Tools for inspecting disk images
Stars: ✭ 25 (-16.67%)
Mutual labels:  malware-analysis
Anti-Debugging
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (+890%)
Mutual labels:  malware-analysis
optlib
A library for financial options pricing written in Python.
Stars: ✭ 166 (+453.33%)
Mutual labels:  volatility
binlex
A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+910%)
Mutual labels:  malware-analysis
OLEPackagerFormat
OLE Package Format Documentation
Stars: ✭ 18 (-40%)
Mutual labels:  malware-analysis
stringsifter
A machine learning tool that ranks strings based on their relevance for malware analysis.
Stars: ✭ 567 (+1790%)
Mutual labels:  malware-analysis
fame modules
Community modules for FAME
Stars: ✭ 55 (+83.33%)
Mutual labels:  malware-analysis
Practical Malware Analysis
Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski
Stars: ✭ 16 (-46.67%)
Mutual labels:  malware-analysis
autoVolatility
Run several volatility plugins at the same time
Stars: ✭ 63 (+110%)
Mutual labels:  volatility
speakeasy
Windows kernel and user mode emulation.
Stars: ✭ 1,017 (+3290%)
Mutual labels:  malware-analysis
UnAutoIt
The Cross Platform AutoIt Extractor
Stars: ✭ 90 (+200%)
Mutual labels:  malware-analysis
Vol3xp
Volatility Explorer Suit
Stars: ✭ 31 (+3.33%)
Mutual labels:  volatility
quincy
Implementation of the DIMVA 2017 publication "Quincy: Detecting Host-Based Code Injection Attacks in Memory Dumps"
Stars: ✭ 66 (+120%)
Mutual labels:  volatility
pyOptionPricing
Option pricing based on Black-Scholes processes, Monte-Carlo simulations with Geometric Brownian Motion, historical volatility, implied volatility, Greeks hedging
Stars: ✭ 190 (+533.33%)
Mutual labels:  volatility
REW-sploit
Emulate and Dissect MSF and *other* attacks
Stars: ✭ 115 (+283.33%)
Mutual labels:  malware-analysis
flare-on-challenges
Write-ups for FireEye's FLARE-On challenges
Stars: ✭ 24 (-20%)
Mutual labels:  malware-analysis
rtfraptor
Extract OLEv1 objects from RTF files by instrumenting Word
Stars: ✭ 50 (+66.67%)
Mutual labels:  malware-analysis

Malhunt

Search for malware in memory dumps using Volatility.

Requirements

  • Python
  • Git
  • Volatility
  • Clamscan

How it works

Malhunt demo

The script applies my workflow for malware analysis:

  • Performs image identification
  • Scans processes with YARA rules, malfind and a network blacklist to find suspicious artifacts
  • Dumps the memory and handles of suspicious processes
  • Scans the dumped processes with clamscan