Artifact analysis tools by JPCERT/CC Analysis Center
☆462Aug 14, 2025Updated 6 months ago
Alternatives and similar repositories for aa-tools
Users that are interested in aa-tools are comparing it to the libraries listed below
Sorting:
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Volatility plugin for extracts configuration data of known malware☆495Dec 22, 2023Updated 2 years ago
- ☆309Aug 14, 2020Updated 5 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,138Oct 19, 2025Updated 4 months ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆270Jun 15, 2021Updated 4 years ago
- YARA signature and IOC database for my scanners and tools☆2,869Feb 5, 2026Updated 3 weeks ago
- Tool Analysis Result Sheet☆356Dec 4, 2017Updated 8 years ago
- Various snippets created during malware analysis☆463Oct 3, 2025Updated 4 months ago
- A static analyzer for PE executables.☆1,107Updated this week
- Incident Response Forensic Framework☆611Nov 20, 2019Updated 6 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extr…☆294Sep 30, 2023Updated 2 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,917Feb 20, 2026Updated last week
- Modular file scanning/analysis framework☆622Oct 8, 2019Updated 6 years ago
- yarGen is a generator for YARA rules☆1,776Jan 10, 2026Updated last month
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- Malware Configuration And Payload Extraction☆761Nov 22, 2024Updated last year
- ☆1,130Dec 19, 2023Updated 2 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,118Jul 10, 2024Updated last year
- Kaspersky's GReAT KLara☆732Jul 24, 2024Updated last year
- ☆519Jan 26, 2021Updated 5 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,897Updated this week
- ☆715Oct 28, 2022Updated 3 years ago
- ☆280Apr 6, 2023Updated 2 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,231Aug 7, 2025Updated 6 months ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,715Sep 23, 2025Updated 5 months ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆272May 5, 2021Updated 4 years ago
- Windows Events Attack Samples☆2,515Jan 24, 2023Updated 3 years ago
- ☆432May 3, 2023Updated 2 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- Cuckoo Sandbox plugin for extracts configuration data of known malware☆135Dec 22, 2023Updated 2 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆922Aug 19, 2021Updated 4 years ago
- Your Everyday Threat Intelligence☆1,951Feb 12, 2026Updated 2 weeks ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,850Nov 17, 2021Updated 4 years ago
- Repository of YARA rules made by Trellix ATR Team☆625Mar 18, 2025Updated 11 months ago
- Protocol Analysis/Decoder Framework☆497Dec 19, 2022Updated 3 years ago