362 Open source projects that are alternatives of or similar to Drakvuf

Sandboxed Execution Environment

Tools for inspecting disk images

Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".

The complete web solution to manage and backup XCP-ng and Citrix Hypervisor.

Droidefense: Advance Android Malware Analysis Framework

A machine learning tool that ranks strings based on their relevance for malware analysis.

ops - build and run nanos unikernels

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

Yet one more wrapper around jail, bhyve and XEN on FreeBSD platform.

16,432 Free Yara rules created by

😸 A File Browser component for React.

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

libhermit-rs: A Rust-based library operating system

An open source framework for enterprise level automated analysis.

A minimal, resource efficient unikernel for cloud services

A Linux Ransomware

Windows kernel and user mode emulation.

Deep Learning models for network traffic classification

LXDUI is a web UI for the native Linux container technology LXD/LXC

Script to create templates to use with VirtualBox to make vm detection harder

A Python RESTful API framework for online malware analysis and threat intelligence services.

Virtual Machine Introspection, Tracing & Debugging

Collaborative malware analysis framework

《macOS软件安全与逆向分析》随书源码

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. https://www.whonix.org

SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

DRAKVUF Sandbox - automated hypervisor-level malware analysis system

Android Reverse-Engineering Workbench for VS Code

Android virtual machine and deobfuscator

vSphere Integrated Containers Engine is a container runtime for vSphere.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

Exploit Development and Reverse Engineering with GDB Made Easy

A kernel designed to run one and only one application in a virtualized environment

Malware sample library.

WinDBG Anti-RootKit Extension

WinAppDbg Debugger

Kubernetes CRI implementation for running VM workloads

idenLib - Library Function Identification [This project is not maintained anymore]

React components for efficiently rendering large lists and tabular data

Enable enthusiasts and administrators alike to easily provision highly available and production-ready Kubernetes clusters on Proxmox VE.

Vagrant is a tool for building and distributing development environments.

A Tool for Automatic Analysis of Malware Behavior

The PE file analysis toolkit

Qemu KVM(Kernel Virtual Machine)学习笔记

OCI (Open Containers Initiative) compatible runtime using Virtual Machines

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A hackable malware sandbox for the 21st Century

Shell based, minimal dependency bhyve manager

FreeBSD bhyve manager utilizing ZFS

OCI (Open Containers Initiative) compatible runtime for Intel® Architecture

A comprehensive binary emulation and instrumentation platform.

Ganeti is a virtual machine cluster management tool built on top of existing virtualization technologies such as Xen or KVM and other open source software.

Various snippets created during malware analysis

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support