A taxonomy and dictionary of malware behaviors.
☆43 · Aug 20, 2019 · Updated 6 years ago
Alternatives and similar repositories for malware-behaviors
Users that are interested in malware-behaviors are comparing it to the libraries listed below
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … (☆17, Oct 8, 2016, updated 9 years ago)
- Tools for macOS forensic bootable media (☆15, May 20, 2020, updated 5 years ago)
- Forensic cheatsheets for use with cheat (☆15, Dec 2, 2021, updated 4 years ago)
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio. (☆33, Jun 20, 2024, updated last year)
- Registry Miner (☆14, Apr 10, 2018, updated 7 years ago)
- ☆22, Dec 22, 2020, updated 5 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs (☆10, Sep 26, 2017, updated 8 years ago)
- ☆26, Aug 6, 2021, updated 4 years ago
- Containerized IDA Pro (Windows/Wine), DEPRECATED, please use https://github.com/NyaMisty/docker-wine-ida (☆26, Nov 23, 2017, updated 8 years ago)
- Command-line utility to interact with the Malpedia service (☆22, Dec 5, 2025, updated 2 months ago)
- A simple many-rules to many-files YARA scanner for incident response or malware zoos. (☆27, Jun 3, 2018, updated 7 years ago)
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. (☆12, Aug 26, 2024, updated last year)
- Queries for a parsed Spotlight database in SQLite (☆13, Dec 29, 2020, updated 5 years ago)
- A simple CLI app to mark all Excel sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible") (☆11, Apr 16, 2020, updated 5 years ago)
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox (☆11, Apr 3, 2016, updated 9 years ago)
- Transform EQL detection rules to VQL artifacts (☆12, Nov 12, 2021, updated 4 years ago)
- Get notified instantly when your users of interest speak about something. (☆10, Mar 24, 2020, updated 5 years ago)
- Cockroach is your primitive & immortal Swiss army knife. (☆48, Dec 8, 2021, updated 4 years ago)
- This repository contains relevant samples and data related to the ELF Malware Analysis 101 articles (☆48, Jun 21, 2022, updated 3 years ago)
- ☆13, Nov 10, 2020, updated 5 years ago
- Network Defender Toolkit (☆18, Jun 11, 2013, updated 12 years ago)
- A graph-based deep learning tool that can recognize kernel objects from raw memory dumps. (☆14, Jul 6, 2019, updated 6 years ago)
- ☆12, May 8, 2020, updated 5 years ago
- ☆11, Aug 3, 2018, updated 7 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser (☆14, Jan 9, 2023, updated 3 years ago)
- VM setup for malware RE labs (☆28, Apr 26, 2019, updated 6 years ago)
- A short and small memory forensics helper. (☆52, Oct 18, 2017, updated 8 years ago)
- Python wrapper to use tshark for file extraction from the command line. (☆26, Nov 15, 2018, updated 7 years ago)
- Prototype system to monitor BGP routes and alert when anomalies are identified (☆15, Dec 7, 2018, updated 7 years ago)
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo (☆29, Jun 11, 2020, updated 5 years ago)
- Registry to JSON. This project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- A tool to download malware (☆16, May 22, 2023, updated 2 years ago)
- Binary, analysis, and disassembler Radare2 plugins for Dan32 architecture binaries (☆18, Aug 21, 2017, updated 8 years ago)
- CTF scripts and writeups (mostly challenge + .py solving script) (☆23, Oct 27, 2025, updated 4 months ago)
- MoP - "Master of Puppets" - Advanced malware tracking framework (☆84, Feb 11, 2026, updated 2 weeks ago)
- Binary command-line executable to parse ETL files (☆69, Jun 7, 2018, updated 7 years ago)
- ☆16, Sep 12, 2021, updated 4 years ago
- ☆16, Dec 5, 2023, updated 2 years ago
- A lightweight C++/C AFF4 reader library (☆14, Feb 5, 2026, updated 3 weeks ago)