JPCERTCC / MalConfScan-with-Cuckoo
Cuckoo Sandbox plugin for extracts configuration data of known malware
☆135Updated last year
Alternatives and similar repositories for MalConfScan-with-Cuckoo:
Users that are interested in MalConfScan-with-Cuckoo are comparing it to the libraries listed below
- A Yara rule generator for finding related samples and hunting☆158Updated 2 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆261Updated 6 years ago
- [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack☆108Updated 2 years ago
- Various scripts for different malware families☆106Updated 4 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 3 years ago
- Detecting Lateral Movement with Machine Learning☆137Updated 7 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆107Updated 4 years ago
- ☆82Updated 8 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 6 years ago
- A collection of infosec related scripts and information.☆53Updated 6 months ago
- Community-based integrated malware identification system☆82Updated 2 years ago
- Cuckoo running in a nested hypervisor☆128Updated 4 years ago
- Malware Repository Framework☆99Updated 7 years ago
- Application for STIX v2.0 objects management and analysis☆27Updated 7 years ago
- A taxonomy and dictionary of malware behaviors.☆42Updated 5 years ago
- ☆134Updated 6 years ago
- Lazy Office Analyzer☆122Updated 8 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 4 years ago
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆108Updated 7 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆126Updated last year
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- A tool for de-obfuscating PowerShell scripts☆68Updated 6 years ago
- Process HTTP Pcaps With YARA☆102Updated 11 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆121Updated 4 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆115Updated 4 years ago
- Python script to decode common encoded PowerShell scripts☆216Updated 6 years ago
- Malware Analysis, Threat Intelligence and Reverse Engineering: LABS☆82Updated 4 years ago
- Fuzzy Hash calculated from import API of PE files☆88Updated 2 years ago