Malwaresearch: A command line tool to find malwares on http://openmalware.org
Stars: ✭ 190 (+352.38%)
Antidebugging: A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (+283.33%)
Xapkdetector: APK/DEX detector for Windows, Linux and MacOS.
Stars: ✭ 208 (+395.24%)
Karton: Distributed malware processing framework based on Python, Redis and MinIO.
Stars: ✭ 134 (+219.05%)
ssdc: ssdeep cluster analysis for malware files
Stars: ✭ 24 (-42.86%)
Rebel Framework: Advanced and easy to use penetration testing framework 💣🔎
Stars: ✭ 183 (+335.71%)
Guanciale: 🥓 Grab info needed by Carbonara from executables and disassemblers databases
Stars: ✭ 14 (-66.67%)
Intelowl: Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+4933.33%)
Xlmmacrodeobfuscator: Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
Stars: ✭ 243 (+478.57%)
Osweep: Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (+435.71%)
aparoid: Static and dynamic Android application security analysis
Stars: ✭ 62 (+47.62%)
Cmulator: Cmulator is an (x86/x64) scriptable reverse engineering sandbox emulator for shellcode and PE binaries, based on the Unicorn and Zydis engines and JavaScript.
Stars: ✭ 197 (+369.05%)
toolkit: The essential toolkit for reversing, malware analysis, and cracking
Stars: ✭ 176 (+319.05%)
Detect It Easy: Program for determining types of files for Windows, Linux and MacOS.
Stars: ✭ 2,982 (+7000%)
angr-antievasion: Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).
Stars: ✭ 35 (-16.67%)
Antidbg: A bunch of Windows anti-debugging tricks for x86 and x64.
Stars: ✭ 177 (+321.43%)
learning-malware-analysis: This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
Stars: ✭ 124 (+195.24%)
Docker Misp: Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (+252.38%)
Flare Vm: No description or website provided.
Stars: ✭ 3,201 (+7521.43%)
Binsnitch: Detect silent (unwanted) changes to files on your system
Stars: ✭ 144 (+242.86%)
bonomen: BONOMEN - Hunt for Malware Critical Process Impersonation
Stars: ✭ 42 (+0%)
Mazewalker: Toolkit for enriching and speeding up static malware analysis
Stars: ✭ 132 (+214.29%)
Drsemu: DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
Stars: ✭ 237 (+464.29%)
Radare2: UNIX-like reverse engineering framework and command-line toolset
Stars: ✭ 15,412 (+36595.24%)
Mwdb Core: Malware repository component for samples & static configuration with REST API interface.
Stars: ✭ 125 (+197.62%)
cheatsheet: These are some of the commands which I use frequently during Malware Analysis and DFIR.
Stars: ✭ 23 (-45.24%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+421.43%)
telfhash: Symbol hash for ELF files
Stars: ✭ 75 (+78.57%)
Lief: Authors
Stars: ✭ 2,730 (+6400%)
Malware-Zoo: Hashes of infamous malware
Stars: ✭ 18 (-57.14%)
Replica: Ghidra Analysis Enhancer 🐉
Stars: ✭ 194 (+361.9%)
bluepill: BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
Stars: ✭ 94 (+123.81%)
Apkfile: Android app analysis and feature extraction library
Stars: ✭ 190 (+352.38%)
Attack monitor: Endpoint detection & Malware analysis software
Stars: ✭ 186 (+342.86%)
emerald: Import DynamoRIO drcov code coverage data into Ghidra
Stars: ✭ 30 (-28.57%)
Probedroid: An SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.
Stars: ✭ 182 (+333.33%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+569.05%)
Lisa: Sandbox for automated Linux malware analysis.
Stars: ✭ 177 (+321.43%)
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Stars: ✭ 109 (+159.52%)
Kernel-dll-injector: Kernel-Mode Driver that loads a dll into every newly created process that loads the kernel32.dll module
Stars: ✭ 256 (+509.52%)
Apiscout: This project aims at simplifying Windows API import recovery on arbitrary memory dumps
Stars: ✭ 146 (+247.62%)
assemblyline: AssemblyLine 4 - File triage and malware analysis
Stars: ✭ 69 (+64.29%)
Nauz File Detector: Linker/Compiler/Tool detector for Windows, Linux and MacOS.
Stars: ✭ 146 (+247.62%)
Pepper: An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+495.24%)
Bashacks: Set of functions to increase productivity while hacking with Bash
Stars: ✭ 138 (+228.57%)
Awesome Csirt: Awesome CSIRT is a curated list of links and resources in security and CSIRT daily activities.
Stars: ✭ 132 (+214.29%)
Vba2graph: Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
Stars: ✭ 245 (+483.33%)
Visualize logs: A Python library and command line tools to provide interactive log visualization.
Stars: ✭ 128 (+204.76%)
Nao: Simple No-meaning Assembly Omitter for IDA Pro (This is just a prototype)
Stars: ✭ 228 (+442.86%)
xLogger: Simple Windows API logger
Stars: ✭ 62 (+47.62%)
SuperLibrary: Information Security Library
Stars: ✭ 60 (+42.86%)
assemblyline-core: Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
Stars: ✭ 16 (-61.9%)
WeDefend: ⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan
Stars: ✭ 23 (-45.24%)
Shed: .NET runtime inspector
Stars: ✭ 229 (+445.24%)