ZSShen / MeltingPot
A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.
☆24Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for MeltingPot
- Work Fast With the pattern matching swiss knife for malware researchers.☆35Updated 8 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆34Updated 7 years ago
- Framework to automatically test and explore the capabilities of generic AV engines☆70Updated 5 years ago
- Command-line Interface for Binar.ly☆37Updated 7 years ago
- Analysis PE file or Shellcode☆48Updated 8 years ago
- Mal Tindex is an Open Source tool for indexing binaries and help attributing malware campaigns☆66Updated 7 years ago
- API functions for Malware Research☆35Updated 5 years ago
- A system to record malware using PANDA☆42Updated 5 years ago
- malware-traffic-analysis.net PCAPs repository.☆34Updated 8 years ago
- ☆19Updated 6 years ago
- Automatically exported from code.google.com/p/malware-lu☆55Updated 5 years ago
- Proof-of-concept automated baremetal malware analysis framework.☆14Updated 9 years ago
- Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"☆26Updated 5 years ago
- PyMal is a python based interactive Malware Analysis Framework. It is built on the top of three pure python programes Pefile, Pydbg and V…☆43Updated 8 years ago
- Volatility Plugins☆21Updated 9 years ago
- ☆43Updated 6 years ago
- Yet Another YARA rule Generator☆61Updated 6 years ago
- Identify botnet panels with Ensembled Decision Trees☆18Updated 8 years ago
- library to decode/parse zeus-like configuration files☆29Updated 6 years ago
- Extract GUIDs from .NET assemblies☆21Updated 8 years ago
- ripPE - section extractor and profiler for PE file analysis☆31Updated 10 years ago
- Process HTTP Pcaps With YARA☆101Updated 11 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 5 years ago
- Tools☆13Updated last year
- Yara rules☆10Updated 4 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 7 years ago
- ☆51Updated 6 years ago
- Binarly SDK v1☆13Updated 7 years ago