Alternatives and similar repositories for Fake-Sandbox-Artifacts

Users that are interested in Fake-Sandbox-Artifacts are comparing it to the libraries listed below

• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆389Updated 4 months ago
• strontic / xcyclopedia
  Encyclopedia for Executables
  ☆459Updated 4 years ago
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆415Updated 10 months ago
• fireeye / BitsParser
  ☆151Updated last year
• ditekshen / detection
  Detection in the form of Yara, Snort and ClamAV signatures.
  ☆239Updated last year
• airbus-cert / Winshark
  A wireshark plugin to instrument ETW
  ☆575Updated 3 years ago
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆157Updated 9 months ago
• kacos2000 / MFT_Browser
  $MFT directory tree reconstruction & FILE record info
  ☆320Updated last year
• DissectMalware / batch_deobfuscator
  Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
  ☆165Updated 3 years ago
• bartblaze / Yara-rules
  Collection of private Yara rules.
  ☆374Updated this week
• Karneades / malware-persistence
  Collection of malware persistence and hunting information. Be a persistent persistence hunter!
  ☆182Updated last month
• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆432Updated 4 months ago
• kaganisildak / malwarescarecrow
  A tool designed to make physical devices detectable by malware and make system look like virtual machine.
  ☆396Updated 5 years ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆782Updated 2 months ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆126Updated last year
• tylabs / quicksand
  QuickSand document and PDF malware analysis tool written in Python
  ☆135Updated 3 weeks ago
• CERT-Polska / malduck
  Malduck is your ducky companion in malware analysis journeys
  ☆346Updated 5 months ago
• DissectMalware / pyOneNote
  A python library to parse OneNote (.one) files
  ☆140Updated last year
• winterknife / PINKPANTHER
  Windows x64 handcrafted token stealing kernel-mode shellcode
  ☆511Updated last year
• ion-storm / sysmon-edr
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆226Updated 4 years ago
• pandora-analysis / pandora
  Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results
  ☆274Updated this week
• CheckPointSW / InviZzzible
  InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…
  ☆572Updated 3 years ago
• EricZimmerman / MFTECmd
  Parses $MFT from NTFS file systems
  ☆279Updated 6 months ago
• claroty / arya
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆257Updated 2 years ago
• mandiant / capa-rules
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆651Updated last week
• NUKIB / maldump
  Multi-quarantine extractor
  ☆50Updated 6 months ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆151Updated 4 months ago
• nazywam / AutoIt-Ripper
  Extract AutoIt scripts embedded in PE binaries
  ☆212Updated last year
• malpedia / signator-rules
  Collection of rules created using YARA-Signator over Malpedia
  ☆141Updated last year
• RandomRhythm / Vendor-Threat-Triage-Lookup
  Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
  ☆29Updated 4 months ago