malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (-73.35%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-83.13%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (-46.45%)
Medusa: Binary instrumentation framework based on FRIDA
Stars: ✭ 258 (-36.92%)
malware-writeups: Personal research and publication on malware families
Stars: ✭ 104 (-74.57%)
Virustotal Tools: Submits multiple domains to the VirusTotal API
Stars: ✭ 29 (-92.91%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+240.83%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+416.87%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-93.4%)
Fame: FAME Automates Malware Evaluation
Stars: ✭ 663 (+62.1%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (-31.3%)
MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (-45.23%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (-25.92%)
Patrowlmanager: PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-11.25%)
Ssma: SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]
Stars: ✭ 388 (-5.13%)
fame modules: Community modules for FAME
Stars: ✭ 55 (-86.55%)
Engine: Droidefense: Advanced Android Malware Analysis Framework
Stars: ✭ 386 (-5.62%)
mobileAudit: Django application that performs SAST and malware analysis for Android APKs
Stars: ✭ 140 (-65.77%)
Stoq: An open source framework for enterprise-level automated analysis.
Stars: ✭ 352 (-13.94%)
Pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy
Stars: ✭ 4,178 (+921.52%)
ir scripts: Incident response scripts
Stars: ✭ 17 (-95.84%)
Dex Oracle: A pattern-based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Stars: ✭ 398 (-2.69%)
rhq: Recon Hunt Queries
Stars: ✭ 66 (-83.86%)
PowerGRR: PowerGRR is an API client library in PowerShell, working on Windows, Linux and macOS, for GRR automation and scripting.
Stars: ✭ 52 (-87.29%)
bluepill: BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
Stars: ✭ 94 (-77.02%)
Batch-Antivirus: Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristic scanning.
Stars: ✭ 26 (-93.64%)
Anti-Debugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (-27.38%)
MalScan: A simple PE file heuristics scanner
Stars: ✭ 41 (-89.98%)
MalwareDatabase: Malware samples for analysis, researchers, anti-virus and system protection testing (1300+ malware samples!)
Stars: ✭ 21 (-94.87%)
decrypticon: Java-layer Android Malware Simplifier
Stars: ✭ 17 (-95.84%)
csbd: The repository contains the Python implementation of the Android malware detection paper: "Empirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios"
Stars: ✭ 20 (-95.11%)
Drakvuf Sandbox: DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Stars: ✭ 384 (-6.11%)
HomebrewOverlay: Browser extension adware (showHomebrewOverlayOuter)
Stars: ✭ 52 (-87.29%)
fastfinder: Incident Response - Fast suspicious file finder
Stars: ✭ 116 (-71.64%)
maldetect: Debian packaging of Linux Malware Detect (https://github.com/rfxn/linux-malware-detect)
Stars: ✭ 48 (-88.26%)
MalwareHashDB: Malware hashes for open source projects.
Stars: ✭ 31 (-92.42%)
TweetFeed: Collecting IOCs posted on Twitter
Stars: ✭ 181 (-55.75%)
Threatpinchlookup: Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-37.16%)
Simpleator: Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (-36.43%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-32.52%)
malice-av: Malice AntiVirus Plugins
Stars: ✭ 98 (-76.04%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (-20.05%)
Drltrace: Drltrace is a library calls tracer for Windows and Linux applications.
Stars: ✭ 282 (-31.05%)
Gonnacry: A Linux Ransomware
Stars: ✭ 341 (-16.63%)
Zelos: A comprehensive binary emulation and instrumentation platform.
Stars: ✭ 298 (-27.14%)
Apt Hunter: APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time needed to uncover suspicious activity
Stars: ✭ 297 (-27.38%)
Urlextractor: Information gathering & website reconnaissance | https://phishstats.info/
Stars: ✭ 341 (-16.63%)
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+752.08%)
Simplify: Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+844.99%)