Differential Analysis of Malware in Memory
☆216Apr 16, 2017Updated 8 years ago
Alternatives and similar repositories for DAMM
Users that are interested in DAMM are comparing it to the libraries listed below
Sorting:
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆197Sep 12, 2017Updated 8 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- Web interface for the Volatility Memory Forensics Framework☆260Nov 21, 2017Updated 8 years ago
- Web App for Volatility framework☆390Jan 13, 2026Updated last month
- Malware Fragmentation Tool its a tool that simply fragment the PE file and it can disassemble the PE file, etc this tool very useful for…☆37Nov 22, 2015Updated 10 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49May 31, 2017Updated 8 years ago
- Collection of different ways to execute code outside of the expected entry points☆16Aug 4, 2013Updated 12 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆270Jun 15, 2021Updated 4 years ago
- x64 Windows Software Fault Injection Tool☆17Dec 2, 2017Updated 8 years ago
- Analysis PE file or Shellcode☆50Jul 28, 2016Updated 9 years ago
- A short and small memory forensics helper.☆52Oct 18, 2017Updated 8 years ago
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr…☆294Sep 30, 2023Updated 2 years ago
- PyAna - Analyzing the Windows shellcode☆247Feb 16, 2016Updated 10 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆208Mar 12, 2025Updated 11 months ago
- Windows Live Artifacts Acquisition Script☆190Jun 20, 2022Updated 3 years ago
- The official repo of BSIS☆14Feb 16, 2012Updated 14 years ago
- Packet Acumen☆19Aug 20, 2014Updated 11 years ago
- Builds json representation of PDF malware sample☆53Apr 11, 2011Updated 14 years ago
- map file generator for intel x86 binary based on flirt signature☆83May 2, 2016Updated 9 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Jan 13, 2017Updated 9 years ago
- Multi theaded DNS bruteforcing☆13May 7, 2014Updated 11 years ago
- Exploit kit analyzer☆22Mar 3, 2015Updated 11 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Mar 8, 2017Updated 8 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- capstone based disassembler for extracting to binnavi☆229Jun 8, 2016Updated 9 years ago
- ☆82Jul 5, 2016Updated 9 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 5 years ago
- Modified edition of cuckoo☆272Sep 9, 2019Updated 6 years ago
- Protocol Analysis/Decoder Framework☆497Dec 19, 2022Updated 3 years ago
- Frontend for Codex Gigas☆21Mar 6, 2017Updated 8 years ago
- ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a se…☆70Mar 9, 2015Updated 10 years ago
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices…☆1,941Nov 9, 2025Updated 3 months ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,233Aug 7, 2025Updated 6 months ago
- Rekall Memory Forensic Framework☆1,997Oct 18, 2020Updated 5 years ago
- Bit9 + Carbon Black Threat Intelligence☆81Mar 9, 2016Updated 9 years ago
- ☆28Oct 30, 2016Updated 9 years ago
- An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.☆124Aug 10, 2015Updated 10 years ago