decalage2 / balbuzard
Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc.). It can also crack malware obfuscation such as XOR, ROL, etc. by brute-forcing and checking for those patterns.
☆137 Updated 5 years ago
Alternatives and similar repositories for balbuzard
Users who are interested in balbuzard are comparing it to the libraries listed below.
- Various scripts for different malware families ☆106 Updated 4 years ago
- Various capabilities for static malware analysis. ☆78 Updated 9 months ago
- A modern Python-3-based alternative to RegRipper ☆196 Updated 2 months ago
- Set of Yara rules for finding files using magics headers ☆138 Updated 4 years ago
- Malware similarity platform with modularity in mind. ☆78 Updated 3 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect … ☆138 Updated 2 years ago
- ☆83 Updated 5 years ago
- Miscellaneous Malware RE ☆196 Updated 3 years ago
- Lazy Office Analyzer ☆122 Updated 8 years ago
- Yet another registry parser ☆132 Updated 3 years ago
- ☆134 Updated 6 years ago
- Automated malware unpacker ☆120 Updated 9 years ago
- A taxonomy and dictionary of malware behaviors. ☆42 Updated 5 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images. ☆195 Updated 3 months ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files ☆118 Updated last year
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici… ☆82 Updated 7 years ago
- MAEC Schemas and Schema Development ☆87 Updated 5 years ago
- A Yara rule generator for finding related samples and hunting ☆158 Updated 2 years ago
- Various config files obtained during malware analysis ☆67 Updated 6 years ago
- Tools from WFA 4/e, timeline tools, etc. ☆141 Updated last year
- Extract common Windows artifacts from source images and VSCs ☆65 Updated 4 years ago
- Python script to decode common encoded PowerShell scripts ☆216 Updated 7 years ago
- BinSequencer is a script designed to find a common pattern of bytes within a set of samples and generate a YARA rule from the identified… ☆76 Updated 3 years ago
- ☆127 Updated 4 months ago
- Community modules for FAME ☆65 Updated 4 months ago
- ☆82 Updated 8 years ago
- Script lets you gather malicious software and c&c servers from open source platforms like Malshare, Malcode, Google, Cymon - vxvault, cyb… ☆38 Updated 5 years ago
- repository of tools & resources of the MMD team ☆131 Updated 2 years ago
- Page File analysis tools. ☆127 Updated 9 years ago
- A VBA parser and emulation engine to analyze malicious macros. ☆96 Updated 2 weeks ago