memscrimper: Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-92.35%)
Malconfscan With Cuckoo: Cuckoo Sandbox plugin for extracting configuration data of known malware
Stars: ✭ 110 (-66.36%)
Awesome Hacking: Awesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+451.07%)
Volatility: An advanced memory forensics framework
Stars: ✭ 5,042 (+1441.9%)
Memtriage: Allows you to quickly query a Windows machine for RAM artifacts
Stars: ✭ 200 (-38.84%)
DFIR Resources REvil Kaseya: Resources for DFIR professionals responding to the REvil ransomware Kaseya supply chain attack
Stars: ✭ 172 (-47.4%)
Artifacts Kit: Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
Stars: ✭ 99 (-69.72%)
Mba: Malware Behavior Analyzer
Stars: ✭ 125 (-61.77%)
Ir Rescue: A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (-4.89%)
moneta: Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
Stars: ✭ 384 (+17.43%)
Vol3xp: Volatility Explorer Suite
Stars: ✭ 31 (-90.52%)
Ghostshell: Undetectable malware, with AV bypass techniques, anti-disassembly, etc.
Stars: ✭ 293 (-10.4%)
Crypter: Crypter - Python3-based builder and ransomware compiled to a Windows executable using PyInstaller
Stars: ✭ 268 (-18.04%)
Infectpe: InfectPE - Inject custom code into a PE file [This project is not maintained anymore]
Stars: ✭ 266 (-18.65%)
Remot3d: Remot3d is a simple tool created for pentesters, as well as for the pleasure of defacers, to control servers via backdoors
Stars: ✭ 263 (-19.57%)
Hackdroid: Android apps, ROMs and platforms for pentesting
Stars: ✭ 310 (-5.2%)
Medusa: Binary instrumentation framework based on FRIDA
Stars: ✭ 258 (-21.1%)
Community: Volatility plugins developed and maintained by the community
Stars: ✭ 252 (-22.94%)
Hack-Utils: Script to facilitate different functions and checks
Stars: ✭ 27 (-91.74%)
Yobi: YARA-based detection engine for web browsers
Stars: ✭ 39 (-88.07%)
wipedicks: Wipe files and drives securely with random ASCII dicks
Stars: ✭ 94 (-71.25%)
Ghost: 👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Viruses & Malware
Stars: ✭ 312 (-4.59%)
Prowler: Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+1294.8%)
Nt wrapper: A wrapper library around native Windows system APIs
Stars: ✭ 287 (-12.23%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+0%)
Zelos: A comprehensive binary emulation and instrumentation platform.
Stars: ✭ 298 (-8.87%)
Al Khaser: Public malware techniques used in the wild: virtual machine, emulation, debugger and sandbox detection.
Stars: ✭ 3,573 (+992.66%)
Ransomware: Crypto ransomware made with Go for encryption and decryption, and PHP/MySQL for saving and retrieving keys.
Stars: ✭ 19 (-94.19%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (-19.27%)
Vxug Papers: Research code & papers from members of vx-underground.
Stars: ✭ 291 (-11.01%)
Simpleator: Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (-20.49%)
Fidl: A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (-2.45%)
TeleShadow2: TeleShadow - Telegram Desktop session stealer (Windows)
Stars: ✭ 88 (-73.09%)
Mobileperf: Android performance test
Stars: ✭ 286 (-12.54%)
M-Botnet: A C2 project that controls a self-propagating MS17-010 worm.
Stars: ✭ 39 (-88.07%)
Coldfire: Golang malware development framework
Stars: ✭ 309 (-5.5%)
Open-source-tools-for-CTI: Public repository of open source tools for cyber threat intelligence analysts and researchers
Stars: ✭ 91 (-72.17%)
Adamantium Thief: 🔑 Decrypt Chromium-based browsers' passwords, cookies, credit cards, history, bookmarks, autofill. Version > 80 is supported.
Stars: ✭ 283 (-13.46%)
AMLeaksFinder: A small tool for automatically detecting controller and view memory leaks in a project; supports ObjC and Swift.
Stars: ✭ 89 (-72.78%)
carrierwave-attachmentscanner: Adds the ability to send CarrierWave uploads to Attachment Scanner for virus and malware prevention.
Stars: ✭ 14 (-95.72%)
Meerkat: A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (-13.15%)
Malsub: A Python RESTful API framework for online malware analysis and threat intelligence services.
Stars: ✭ 308 (-5.81%)
KeyPlexer: Capstone: Keylogger Trojan
Stars: ✭ 32 (-90.21%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (-12.84%)
malware-s2e: Code for my blog post on using S2E for malware analysis
Stars: ✭ 21 (-93.58%)
VBoxCloak: A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
Stars: ✭ 49 (-85.02%)
Recuperabit: A tool for forensic file system reconstruction.
Stars: ✭ 280 (-14.37%)
MalwareDatabase: Malware samples for analysis, research, anti-virus and system protection testing. (1300+ malware samples!)
Stars: ✭ 21 (-93.58%)
bits parser: Extract BITS jobs from the QMGR queue and store them as CSV records
Stars: ✭ 64 (-80.43%)
Richkware: Framework for building Windows malware, written in C++
Stars: ✭ 315 (-3.67%)
Cryptsky: A simple, fully Python ransomware PoC
Stars: ✭ 304 (-7.03%)
Filprofiler: A Python memory profiler for data processing and scientific computing applications
Stars: ✭ 277 (-15.29%)
MalwareHashDB: Malware hashes for open source projects.
Stars: ✭ 31 (-90.52%)
o1heap: Constant-complexity deterministic memory allocator (heap) for hard real-time high-integrity embedded systems
Stars: ✭ 119 (-63.61%)
Misp Galaxy: Clusters and elements to attach to MISP events or attributes (like threat actors)
Stars: ✭ 276 (-15.6%)
AutoIt-Ripper: Extract AutoIt scripts embedded in PE binaries
Stars: ✭ 101 (-69.11%)