decalage2 / balbuzard
Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
☆140 Updated 5 years ago
Alternatives and similar repositories for balbuzard
Users that are interested in balbuzard are comparing it to the libraries listed below
- A modern Python-3-based alternative to RegRipper ☆202 Updated 8 months ago
- repository of tools & resources of the MMD team ☆137 Updated 3 years ago
- Set of Yara rules for finding files using magics headers ☆140 Updated 5 years ago
- MAEC Schemas and Schema Development ☆89 Updated 5 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images. ☆203 Updated 9 months ago
- A VBA parser and emulation engine to analyze malicious macros. ☆96 Updated last month
- unXOR will search a XORed file and try to guess the key using known-plaintext attacks. ☆144 Updated 5 years ago
- Lazy Office Analyzer ☆122 Updated 8 years ago
- Yet another registry parser ☆137 Updated 3 years ago
- PE Import Hash Generator ☆79 Updated 8 years ago
- Various capabilities for static malware analysis. ☆79 Updated last year
- Various scripts for different malware families ☆106 Updated 4 years ago
- ☆84 Updated 5 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files ☆120 Updated last year
- Extract common Windows artifacts from source images and VSCs ☆63 Updated 4 years ago
- Malware similarity platform with modularity in mind. ☆79 Updated 4 years ago
- Tools from WFA 4/e, timeline tools, etc. ☆144 Updated last year
- ☆128 Updated 10 months ago
- Script lets you gather malicious software and c&c servers from open source platforms like Malshare, Malcode, Google, Cymon - vxvault, cyb… ☆39 Updated 6 years ago
- VSCode extension for the YARA pattern matching language ☆63 Updated last year
- Generate a Yara rule to find base64-encoded files containing a specific keyword ☆40 Updated 7 years ago
- Malware Analysis, Threat Intelligence and Reverse Engineering: LABS ☆82 Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici… ☆82 Updated 8 years ago
- ☆82 Updated 9 years ago
- Vthunting is a tiny script used to generate report about Virus Total hunting and send it by email, slack or telegram. ☆167 Updated 2 years ago
- Process HTTP Pcaps With YARA ☆108 Updated 12 years ago
- Mass static malware analysis tool ☆95 Updated 3 years ago
- Simple yara rule manager ☆66 Updated 2 years ago
- A curated list of malware repositories, trackers and malware analysis tools ☆91 Updated 2 years ago
- Miscellaneous Malware RE ☆196 Updated 3 years ago