ahlashkari / VolMemLyzer
VolMemLyzer (Volatility Memory Analyzer) is a feature extraction module which use Volatility plugins to extract memory features to generate a CSV file for each memory snapshot.
☆30Updated 8 months ago
Alternatives and similar repositories for VolMemLyzer:
Users that are interested in VolMemLyzer are comparing it to the libraries listed below
- Python based CLI for MalwareBazaar☆36Updated 3 months ago
- Modular malware analysis artifact collection and correlation framework☆53Updated 9 months ago
- Various capabilities for static malware analysis.☆77Updated 5 months ago
- Source Code for 'Malware Analysis and Detection Engineering' by Abhijit Mohanta and Anoop Saldanha☆117Updated last year
- Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis"☆28Updated last year
- The DFRWS 2023 challenge (The Troubled Elevator) takes a deep dive into the domain of Industrial Control Systems (ICS), specifically foc…☆46Updated 9 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆23Updated last year
- ☆57Updated 3 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆19Updated 2 years ago
- MAEC Schemas and Schema Development☆85Updated 5 years ago
- A curated dataset of malware and benign Windows executable samples for malware researchers☆42Updated 4 months ago
- Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.☆22Updated 2 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆85Updated 2 years ago
- Powershell sandboxing utility☆18Updated this week
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Standardized Malware Analysis Tool☆52Updated 3 years ago
- This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense☆30Updated last year
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆31Updated last year
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- ☆25Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- An Adaptive Misuse Detection System☆36Updated 3 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- This repository contains relevant samples and data related to the ELF Malware Analysis 101 articles☆42Updated 2 years ago
- Malware Sandboxes & Malware Source☆89Updated 7 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆21Updated 10 months ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆61Updated 2 years ago
- Malware similarity platform with modularity in mind.☆78Updated 3 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago