Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
☆140Jan 10, 2020Updated 6 years ago
Alternatives and similar repositories for balbuzard
Users that are interested in balbuzard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats…☆72Dec 13, 2021Updated 4 years ago
- Tool to help guess a files 256 byte XOR key by using frequency analysis☆88Jun 11, 2018Updated 7 years ago
- unXOR will search a XORed file and try to guess the key using known-plaintext attacks.☆146Apr 23, 2020Updated 5 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,118Jul 10, 2024Updated last year
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Yara rules for malware families seen as part of targeted threats project☆143Nov 17, 2016Updated 9 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.☆3,959Apr 2, 2026Updated last week
- Yara rules for quick reverse engineering of malware.☆19Dec 9, 2015Updated 10 years ago
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a…☆3,313Feb 14, 2026Updated last month
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- APIInfo Plugin (x86) - A Plugin For x64dbg☆50Jul 17, 2018Updated 7 years ago
- Set of Yara rules for finding files using magics headers☆142Sep 8, 2020Updated 5 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆165Dec 15, 2024Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆37Jan 2, 2024Updated 2 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Malware.lu configuration extractor☆26Mar 27, 2014Updated 12 years ago
- A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.☆13Apr 1, 2019Updated 7 years ago
- MAEC Schemas and Schema Development☆89Jan 29, 2020Updated 6 years ago
- Detect malicious domain, Blablablablabla☆27Jan 8, 2017Updated 9 years ago
- Volatility plugin for extracts configuration data of known malware☆495Dec 22, 2023Updated 2 years ago
- Carve Windows Prefetch files from arbitrary binary data☆16Jun 11, 2017Updated 8 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Noriben - Portable, Simple, Malware Analysis Sandbox☆1,256Mar 26, 2026Updated 2 weeks ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆388May 11, 2022Updated 3 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆25Sep 26, 2023Updated 2 years ago
- A machine learning tool that ranks strings based on their relevance for malware analysis.☆754Mar 11, 2026Updated last month
- ☆12Dec 14, 2016Updated 9 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.☆18Sep 10, 2023Updated 2 years ago
- Malware similarity platform with modularity in mind.☆80Jul 18, 2021Updated 4 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆506Oct 21, 2022Updated 3 years ago
- PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.☆621Aug 8, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.☆10Jan 19, 2026Updated 2 months ago
- A python script for easy static analysis and automatic signature generation of malware.☆12Sep 30, 2013Updated 12 years ago
- A taxonomy and dictionary of malware behaviors.☆43Aug 20, 2019Updated 6 years ago
- Malware analysis tool☆22Apr 27, 2025Updated 11 months ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆116Jan 8, 2025Updated last year
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆41Jul 29, 2020Updated 5 years ago
- IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228☆16Dec 19, 2021Updated 4 years ago