JPCERTCC / MalConfScan-with-CuckooLinks
Cuckoo Sandbox plugin for extracts configuration data of known malware
☆134Updated last year
Alternatives and similar repositories for MalConfScan-with-Cuckoo
Users that are interested in MalConfScan-with-Cuckoo are comparing it to the libraries listed below
Sorting:
- A Yara rule generator for finding related samples and hunting☆158Updated 2 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆81Updated 3 years ago
- Various scripts for different malware families☆106Updated 4 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆260Updated 6 years ago
- ☆82Updated 8 years ago
- Application for STIX v2.0 objects management and analysis☆27Updated 7 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- A tool for de-obfuscating PowerShell scripts☆68Updated 6 years ago
- Cuckoo Sandbox is an automated dynamic malware analysis system☆107Updated 5 years ago
- A collection of infosec related scripts and information.☆53Updated 8 months ago
- ☆134Updated 6 years ago
- Detecting Lateral Movement with Machine Learning☆137Updated 7 years ago
- Cuckoo running in a nested hypervisor☆128Updated 5 years ago
- This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant ya…☆122Updated 4 years ago
- [BHUSA 2018 Arsenal] Integrated tool to analyze Drive-by Download attack☆108Updated 2 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 4 years ago
- Lazy Office Analyzer☆122Updated 8 years ago
- Malware Repository Framework☆99Updated 7 years ago
- Static based decoders for malware samples☆93Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- Community modules for FAME☆65Updated 4 months ago
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- Fuzzy Hash calculated from import API of PE files☆89Updated 2 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation☆74Updated 3 weeks ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆138Updated 2 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 3 years ago
- A taxonomy and dictionary of malware behaviors.☆42Updated 5 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆126Updated last year
- Community-based integrated malware identification system☆82Updated 2 years ago