Alternatives and similar repositories for Tools:

Users that are interested in Tools are comparing it to the libraries listed below

• CheckPointSW / InviZzzible
  InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…
  ☆544Updated 2 years ago
• marcosd4h / memhunter
  Live hunting of code injection techniques
  ☆378Updated 5 years ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆107Updated this week
• danielplohmann / apiscout
  This project aims at simplifying Windows API import recovery on arbitrary memory dumps
  ☆247Updated last year
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆358Updated 9 years ago
• CERT-Polska / malduck
  Malduck is your ducky companion in malware analysis journeys
  ☆324Updated 7 months ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆205Updated 3 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆198Updated 2 years ago
• jdu2600 / Windows10EtwEvents
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆283Updated 8 months ago
• hfiref0x / VMDE
  Source from VMDE paper, adapted to 2015
  ☆179Updated 7 years ago
• D4stiny / PeaceMaker
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆417Updated 4 years ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 3 months ago
• felixweyne / ProcessSpawnControl
  Process Spawn Control is a Powershell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launche…
  ☆259Updated 3 years ago
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆172Updated last year
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆279Updated last year
• fxb-cocacoding / yara-signator
  Automatic YARA rule generation for Malpedia
  ☆156Updated 2 years ago
• MagnetForensics / SwishDbgExt
  Incident Response & Digital Forensics Debugging Extension
  ☆374Updated 6 years ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆262Updated last month
• season-lab / bluepill
  BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
  ☆122Updated 3 years ago
• msuiche / LiveCloudKd
  Hyper-V Research is trendy now
  ☆176Updated 8 months ago
• tandasat / MemoryMon
  Detecting execution of kernel memory where is not backed by any image file
  ☆258Updated 6 years ago
• nsmfoo / antivmdetection
  Script to create templates to use with VirtualBox to make vm detection harder
  ☆725Updated 2 years ago
• secrary / makin
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆737Updated 5 years ago
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆159Updated last month
• cuckoosandbox / monitor
  The new Cuckoo Monitor.
  ☆340Updated 7 months ago
• ntdiff / ntdiff
  ☆124Updated 3 months ago
• tandasat / GuardMon
  Hypervisor based tool for monitoring system register accesses.
  ☆142Updated 6 years ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆694Updated 3 weeks ago
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆116Updated 6 years ago
• spender-sandbox / cuckoomon-modified
  Modified edition of cuckoomon
  ☆48Updated 6 years ago