H2Cyber / VolDiff

Related projects: ⓘ

• 504ensicsLabs / DAMM
  Differential Analysis of Malware in Memory
  ☆209Updated 7 years ago
• codexgigassys / codex-backend
  Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…
  ☆154Updated 4 years ago
• AlienVault-OTX / yabin
  A Yara rule generator for finding related samples and hunting
  ☆155Updated 2 years ago
• JamesHabben / evolve
  Web interface for the Volatility Memory Forensics Framework
  ☆259Updated 6 years ago
• mkorman90 / VolatilityBot
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆263Updated 3 years ago
• davidoren / CuckooSploit
  An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.
  ☆125Updated 9 years ago
• williballenthin / process-forest
  Reconstruct process trees from event logs
  ☆143Updated 4 years ago
• tomchop / volatility-autoruns
  Autoruns plugin for the Volatility framework
  ☆118Updated 5 years ago
• citizenlab / malware-signatures
  Yara rules for malware families seen as part of targeted threats project
  ☆131Updated 7 years ago
• wmetcalf / buildcuckoo-trusty
  A dumb set of scripts for building a cuckoo rig
  ☆61Updated 7 years ago
• maltelligence / maltelligence
  a Malware/Threat Analyst Desktop
  ☆89Updated 9 years ago
• CrowdStrike / CrowdFMS
  CrowdStrike Feed Management System. CrowdFMS is a framework for automating collection and processing of samples from VirusTotal, by lever…
  ☆128Updated 5 years ago
• mak / ekdeco
  Scripts for dealing with various ek's
  ☆69Updated 7 years ago
• EmergingThreats / et-luajit-scripts
  ☆76Updated 2 years ago
• mandiant / Volatility-Plugins
  ☆82Updated 8 years ago
• Tigzy / malware-repo
  Malware Repository Framework
  ☆99Updated 6 years ago
• tylabs / qs_old
  Command line tool for scanning streams within office documents plus xor db attack
  ☆125Updated 11 months ago
• mandiant / ioc_writer
  ☆200Updated last year
• Neo23x0 / DLLRunner
  Smart DLL execution for malware analysis in sandbox systems
  ☆141Updated 9 years ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆111Updated 3 months ago
• buguroo / cuckooautoinstall
  Auto Installer Script for Cuckoo Sandbox
  ☆166Updated 6 years ago
• kevthehermit / VolUtility
  Web App for Volatility framework
  ☆378Updated last week
• egaus / MaliciousMacroBot
  ☆150Updated 5 years ago
• JohnLaTwC / PyPowerShellXray
  Python script to decode common encoded PowerShell scripts
  ☆214Updated 6 years ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆189Updated 6 years ago
• OMENScan / AChoir
  Windows Live Artifacts Acquisition Script
  ☆181Updated 2 years ago
• malwaremusings / unpacker
  Automated malware unpacker
  ☆118Updated 8 years ago
• MinervaLabsResearch / Mystique
  Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…
  ☆80Updated 6 years ago
• Malshare / MalShare-Toolkit
  Set of tools for interacting with Malshare
  ☆153Updated 4 years ago
• bwall / bamfdetect
  ☆152Updated this week