Alternatives and similar repositories for Tools:

Users that are interested in Tools are comparing it to the libraries listed below

• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆116Updated last week
• CERT-Polska / malduck
  Malduck is your ducky companion in malware analysis journeys
  ☆330Updated this week
• marcosd4h / memhunter
  Live hunting of code injection techniques
  ☆381Updated 5 years ago
• fox-it / mkYARA
  Generating YARA rules based on binary code
  ☆209Updated 3 years ago
• CheckPointSW / InviZzzible
  InviZzzible is a tool for assessment of your virtual environments in an easy and reliable way. It contains the most recent and up to date…
  ☆555Updated 3 years ago
• danielplohmann / apiscout
  This project aims at simplifying Windows API import recovery on arbitrary memory dumps
  ☆249Updated 2 years ago
• fxb-cocacoding / yara-signator
  Automatic YARA rule generation for Malpedia
  ☆160Updated 2 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆360Updated 9 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆205Updated 2 years ago
• mandiant / capa-rules
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆576Updated last month
• 0ver-fl0w / ISFB_Tools
  List of tools to assist in analyzing samples of ISFB/Gozi/Ursnif
  ☆15Updated 5 years ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 6 months ago
• hatching / vmcloak
  Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
  ☆498Updated 11 months ago
• OALabs / findyara-ida
  IDA python plugin to scan binary with Yara rules
  ☆172Updated last year
• nmantani / FileInsight-plugins
  FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis
  ☆161Updated 4 months ago
• silence-is-best / c2db
  c2 traffic
  ☆188Updated 2 years ago
• marcosd4h / sysmonx
  SysmonX - An Augmented Drop-In Replacement of Sysmon
  ☆214Updated 5 years ago
• CERT-Polska / mwdb-core
  Malware repository component for samples & static configuration with REST API interface.
  ☆351Updated 2 weeks ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆271Updated 5 months ago
• spender-sandbox / cuckoomon-modified
  Modified edition of cuckoomon
  ☆49Updated 6 years ago
• CERT-Polska / mquery
  YARA malware query accelerator (web frontend)
  ☆427Updated last month
• nazywam / AutoIt-Ripper
  Extract AutoIt scripts embedded in PE binaries
  ☆184Updated 9 months ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆730Updated last month
• OALabs / PyIATRebuild
  Automatically rebuild Import Address Table for dumped PE file. With python bindings!
  ☆119Updated 6 years ago
• carbonblack / binee
  Binee: binary emulation environment
  ☆517Updated 2 years ago
• jdu2600 / Windows10EtwEvents
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆297Updated last year
• intezer / yara-rules
  ☆125Updated 3 months ago
• therealdreg / DbgChild
  Debug Child Process Tool (auto attach)
  ☆283Updated last year
• D4stiny / PeaceMaker
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆420Updated 4 years ago
• x64dbg / yarasigs
  Various Yara signatures (possibly to be included in a release later).
  ☆85Updated 5 years ago