Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
☆139 · Jan 10, 2020 · Updated 6 years ago
Alternatives and similar repositories for balbuzard
Users that are interested in balbuzard are comparing it to the libraries listed below.
- ExeFilter is an open-source tool and framework to filter file formats in e-mails, web pages or files. It detects many common file formats… ☆73 · Dec 13, 2021 · Updated 4 years ago
- Tool to help guess a file's 256 byte XOR key by using frequency analysis ☆89 · Jun 11, 2018 · Updated 7 years ago
- unXOR will search a XORed file and try to guess the key using known-plaintext attacks. ☆146 · Apr 23, 2020 · Updated 6 years ago
- A VBA parser and emulation engine to analyze malicious macros. ☆1,123 · Jul 10, 2024 · Updated last year
- A GC link parser for both linkfiles and jumplists. ☆18 · Oct 28, 2016 · Updated 9 years ago
- Yara rules for malware families seen as part of targeted threats project ☆142 · Nov 17, 2016 · Updated 9 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripting languages such as PowerShell, VBA and JavaScript. Curre… ☆40 · Aug 17, 2019 · Updated 6 years ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆4,046 · Jun 3, 2026 · Updated last week
- Yara rules for quick reverse engineering of malware. ☆19 · Dec 9, 2015 · Updated 10 years ago
- oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware a… ☆3,350 · Feb 14, 2026 · Updated 3 months ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … ☆17 · Oct 8, 2016 · Updated 9 years ago
- APIInfo Plugin (x86) - A Plugin For x64dbg ☆52 · Jul 17, 2018 · Updated 7 years ago
- Set of Yara rules for finding files using magics headers ☆142 · Sep 8, 2020 · Updated 5 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis ☆164 · Dec 15, 2024 · Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆37 · Jan 2, 2024 · Updated 2 years ago
- Tools for parsing Forensic images ☆41 · Dec 14, 2018 · Updated 7 years ago
- Malware.lu configuration extractor ☆26 · Mar 27, 2014 · Updated 12 years ago
- MAEC Schemas and Schema Development ☆89 · Jan 29, 2020 · Updated 6 years ago
- Detect malicious domain, Blablablablabla ☆27 · Jan 8, 2017 · Updated 9 years ago
- Volatility plugin that extracts configuration data of known malware ☆496 · Dec 22, 2023 · Updated 2 years ago
- Carve Windows Prefetch files from arbitrary binary data ☆16 · Jun 11, 2017 · Updated 9 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… ☆345 · Jun 25, 2022 · Updated 3 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,273 · Mar 26, 2026 · Updated 2 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net. ☆390 · May 11, 2022 · Updated 4 years ago
- Plugins to add functionality to ProcDOT. http://www.procdot.com ☆25 · Sep 26, 2023 · Updated 2 years ago
- A machine learning tool that ranks strings based on their relevance for malware analysis. ☆756 · Mar 11, 2026 · Updated 2 months ago
- Generic data DEcoding/ENcoding application built with PyQt5. ☆48 · Mar 29, 2025 · Updated last year
- ☆12 · Dec 14, 2016 · Updated 9 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work. ☆18 · Sep 10, 2023 · Updated 2 years ago
- Malware similarity platform with modularity in mind. ☆80 · Jul 18, 2021 · Updated 4 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux ☆508 · Oct 21, 2022 · Updated 3 years ago
- PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents. ☆628 · Aug 8, 2022 · Updated 3 years ago
- A python script for easy static analysis and automatic signature generation of malware. ☆12 · Sep 30, 2013 · Updated 12 years ago
- YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger. ☆10 · Jan 19, 2026 · Updated 4 months ago
- A taxonomy and dictionary of malware behaviors. ☆43 · Aug 20, 2019 · Updated 6 years ago
- Malware analysis tool ☆22 · Apr 27, 2025 · Updated last year
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidence on a suspicious Windows computer ☆41 · Jul 29, 2020 · Updated 5 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10. ☆118 · Apr 27, 2026 · Updated last month
- IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228 ☆16 · Dec 19, 2021 · Updated 4 years ago