291 Open source projects that are alternatives of or similar to Pe Sieve

A machine learning tool that ranks strings based on their relevance for malware analysis.

iOS & OSX Bluetooth library for RxSwift

WinDBG Anti-RootKit Extension

Analyzing Rig Exploit Kit

A hackable malware sandbox for the 21st Century

Mach-O & Universal Binary Parser

Various snippets created during malware analysis

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

[x86] Simple C++11 header-only cross-platform memhack library (hooks, patches, pointers, sig scan)

Library for hooking on ART

Norimaci is a simple and lightweight malware analysis sandbox for macOS

Droidefense: Advance Android Malware Analysis Framework

A curated list of awesome YARA rules, tools, and people.

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

Speedhack coded in C++, inspired by Cheat Engine's own speedhack.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Bringing you the best of the worst files on the Internet.

Hook function calls by replacing PLT(Procedure Linkage Table) entries.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Exploit Development and Reverse Engineering with GDB Made Easy

A modular Python application to pull intelligence about malicious files

Malware sample library.

Emofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).

WinAppDbg Debugger

By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.

idenLib - Library Function Identification [This project is not maintained anymore]

Builds malware analysis Windows VMs so that you don't have to.

Detours with just single dependency - NTDLL

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A Python RESTful API framework for online malware analysis and threat intelligence services.

yarGen is a generator for YARA rules

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A small template for Android Hooking with Substrate. (Includes a mod menu written in Java)

A comprehensive binary emulation and instrumentation platform.

Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc

Portable Executable (PE) library written in .Net

Fast Static File Analysis Framework

Cuckoo Sandbox Dockerfile

A VBA parser and emulation engine to analyze malicious macros.

Drltrace is a library calls tracer for Windows and Linux applications.

Rust code to show how hooking in rust with a dll works.

Show uncommitted, untracked and unpushed changes for multiple Git repos

makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]

Another web vulnerabilities scanner, this extension works on Chrome and Opera

Mumble VoIP Plugin and mod for the popular game "Among Us" to enable Proximity Voice Chat.

A PHP version scanner for reporting possible vulnerabilities

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

PCSGOLH - Pointless Counter-Strike: Global Offensive Lua Hooks. A open-source Lua API for CS:GO hacking written in modern C++

Malware samples for analysis, researchers, anti-virus and system protection testing.(1300+ Malware-samples!)

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

Yara rules written by me, for free use.

The first Linux hooking framework to allow merging two binary files into one!

Anti-.NET Malware/Packers - Detect most .NET Packers (and some native) used for malware.

Drebin - NDSS 2014 Re-implementation

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

Modular file scanning/analysis framework

Script to create templates to use with VirtualBox to make vm detection harder

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…