745 Open source projects that are alternatives of or similar to Cs7038 Malware Analysis

Collection of top articles about great software engineering practices.

"Microservices Architecture for eCommerce" is an Open Source Book on Microservices and Headless eCommerce. Feel invited to contribute! Read online or download a PDF

Malware samples for analysis, researchers, anti-virus and system protection testing.(1300+ Malware-samples!)

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware hashes for open source projects.

An open source framework for enterprise level automated analysis.

Interactive Multiphysics Simulation for Everyone

🎯 XML External Entity (XXE) Injection Payload List

This repo aim to show you what to learn on the way to excellence.

Writeups for infosec Capture the Flag events by team Galaxians

Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack

A comprehensive binary emulation and instrumentation platform.

No description or website provided.

Android virtual machine and deobfuscator

a better way to visualize your university credits and disciplines

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

RHEOS - Open Source Rheology data analysis software

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Automating management tasks to help managers focus on more strategic wins.

Blind WAF identification tool

No description or website provided.

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

An API for the myCUinfo system at CU Boulder

Cuckoo Sandbox Dockerfile

JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.

16,432 Free Yara rules created by

Malware Analysis Zoo

⬆️ ☠️ Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, polkit, docker socket

Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.

RAIR: RAdare In Rust

Drltrace is a library calls tracer for Windows and Linux applications.

A Tool for Domain Flyovers

RF and Microwave Engineering Scikit

A friendly schedule building interface for Sabancı University students.

Code written as part of our various malware investigations

Dorothy is a tool to test security monitoring and detection for Okta environments

Snyk's public vulnerability database

Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!

This repository is used to store answers when resolving ctf challanges, how i came to that answer and the line of thought used to reach it.

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Extract subdomains from SSL certificates in HTTPS sites.

Debian packaging of Linux Malware Detect (https://github.com/rfxn/linux-malware-detect)

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

A collection of companies' engineering blogs, to help you improve your software engineering skill and learn how their software work. 📖🛠

A Linux Ransomware

Open source JavaScript SDK for viewing high-detail, full-precision 3D BIM and AEC models in the Web browser.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.

Writeups of CTF challenges

Awesome cloud enumerator

A tool to help malware analysts signature unique parts of RTF documents

Corana is a Dynamic Symbolic Execution Engine for ARM Cortex-M aiming to incrementally reconstruct the precise Control Flow Graph (CFG) of IoT malware under the presence of obfuscation techniques e.g., indirect jumps and opaque predicates

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Mesh optimization, mesh smoothing.

A training curriculum for teaching information security "champions" within small organisations and helping them conduct a basic assessment. (Work in progress)

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

List of my talks and workshops: security engineering, applied cryptography, secure software development

An ICAP Server with yara scanner for URL and content.

An embedded engineering calculator toolbox for doing calculations in a breeze.