InQuest / sandboxapi
Minimal, consistent Python API for building integrations with malware sandboxes.
☆138Updated last year
Alternatives and similar repositories for sandboxapi:
Users that are interested in sandboxapi are comparing it to the libraries listed below
- A Yara rule generator for finding related samples and hunting☆158Updated 2 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆261Updated 6 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆100Updated 3 months ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 3 years ago
- ☆151Updated 6 years ago
- Django web interface for managing Yara rules☆191Updated 6 years ago
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- A tool for de-obfuscating PowerShell scripts☆68Updated 5 years ago
- snake - a malware storage zoo☆218Updated last year
- Malware/IOC ingestion and processing engine☆104Updated 6 years ago
- IOC (Indicator of Compromise) Extractor: a program to help extract IOCs from text files.☆135Updated 9 years ago
- Set of Yara rules for finding files using magics headers☆137Updated 4 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆107Updated 4 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆58Updated 5 years ago
- A mapping of used malware names to commonly known family names☆62Updated 2 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified…☆76Updated 3 years ago
- Autoruns plugin for the Volatility framework☆121Updated 5 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆220Updated 4 years ago
- ☆98Updated 4 years ago
- Tools for parsing rulesets using the exact grammar as YARA. Written in Go.☆83Updated 2 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- A modular Python application to pull intelligence about malicious files☆119Updated 4 years ago
- Python API wrapper for the Joe Sandbox API.☆66Updated 11 months ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆135Updated 2 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆121Updated 4 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆95Updated 2 weeks ago
- Malware Repository Framework☆99Updated 7 years ago
- A taxonomy and dictionary of malware behaviors.☆42Updated 5 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 4 years ago