BLACKPHENIX is an open source malware analysis automation framework composed of services, scripts, plug-ins, and tools and is based on a Command-and-Control (C&C) architecture
☆31May 22, 2023Updated 2 years ago
Alternatives and similar repositories for ips-bph-framework
Users that are interested in ips-bph-framework are comparing it to the libraries listed below
Sorting:
- ☆14Sep 24, 2012Updated 13 years ago
- Python client for p0f3 API☆15Jan 25, 2021Updated 5 years ago
- ☆11Jun 5, 2020Updated 5 years ago
- ☆11Feb 14, 2025Updated last year
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 4 years ago
- Handy scripts to speed up malware analysis☆34Oct 3, 2023Updated 2 years ago
- A Docker container for Moloch based on minimal Debian☆13Jun 23, 2017Updated 8 years ago
- writeups for the past CTF challenges☆14Nov 23, 2020Updated 5 years ago
- Python code and data for the post "Word Segmentation, or Makingsenseofthis"☆17Oct 24, 2022Updated 3 years ago
- APT34/OILRIG leak☆11Jun 25, 2019Updated 6 years ago
- Binary Ninja script to decrypt strings in Mirai samples☆21Jun 30, 2021Updated 4 years ago
- Emu-strings project - JScript/VBScript automated dropper analysis system☆18Mar 25, 2021Updated 4 years ago
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆20Oct 2, 2020Updated 5 years ago
- Advanced usage of the ptrace syscall in order to implement a more resistent anti debugging feature☆17Jan 7, 2017Updated 9 years ago
- 🔓 Decrypt strings from a .NET module dump protected by Themida, the advanced windows software protection system☆19Mar 20, 2021Updated 4 years ago
- Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski☆19Jan 4, 2019Updated 7 years ago
- ☆23May 28, 2021Updated 4 years ago
- CLI tool to compute the TypeRefHash for .NET binaries.☆19Nov 10, 2021Updated 4 years ago
- a collection of yara rules for binary analysis☆24Aug 24, 2017Updated 8 years ago
- Parsers for custom malware formats ("Funky malware formats")☆98Jan 8, 2022Updated 4 years ago
- Forensics triage tool relying on Volatility and Foremost☆25Dec 3, 2023Updated 2 years ago
- My malware analysis code snippets☆28Jul 15, 2023Updated 2 years ago
- This is a python version of samesame repo to generate homograph strings☆24Aug 22, 2018Updated 7 years ago
- ☆26Nov 9, 2021Updated 4 years ago
- ssdeep cluster analysis for malware files☆31Jun 5, 2020Updated 5 years ago
- Parsing of YARA rules into AST and building new rulesets in C++.☆129Jan 25, 2026Updated last month
- Chrome Logs Events and Protobuf Parser☆39Dec 13, 2022Updated 3 years ago
- PHP 7 and safe-build update of the popular C99 variant of PHP Shell with MySQL support☆29Dec 1, 2019Updated 6 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated 2 years ago
- A Docker container for Moloch based on minimal Debian☆26Jan 25, 2016Updated 10 years ago
- ☆35Aug 29, 2012Updated 13 years ago
- Automatic analysis of SWF files based on some heuristics. Extensible via plugins.☆120Jun 19, 2019Updated 6 years ago
- SNIcat☆128Aug 19, 2021Updated 4 years ago
- A small and insanely fast ARCFOUR (RC4) cipher implementation of Python☆31Updated this week
- ☆35Oct 29, 2021Updated 4 years ago
- Writeups for CTF challenges☆35Nov 12, 2023Updated 2 years ago
- ml webshellgg project☆38Nov 29, 2018Updated 7 years ago
- My talks and papers☆40Nov 24, 2025Updated 3 months ago
- JSONP helper (pure JS)☆55Feb 7, 2021Updated 5 years ago