Alternatives and similar repositories for maldoca

Users that are interested in maldoca are comparing it to the libraries listed below

• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆273Updated 5 months ago
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆124Updated 3 weeks ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆119Updated this week
• google / permhash
  ☆43Updated last year
• avast / yari
  YARI is an interactive debugger for YARA Language.
  ☆88Updated 4 months ago
• hfiref0x / MpEnum
  Enumerate Windows Defender threat families and dump their names according category
  ☆90Updated 6 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆72Updated last year
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆115Updated 2 years ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆42Updated 2 weeks ago
• NtRaiseHardError / Kaiser
  Fileless persistence, attacks and anti-forensic capabilties.
  ☆91Updated 6 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆70Updated 2 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆33Updated last year
• hatching / roach
  Cockroach is your primitive & immortal swiss army knife.
  ☆49Updated 3 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆74Updated 5 months ago
• zodiacon / syllabi
  ☆61Updated last year
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆90Updated last year
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆111Updated 3 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆96Updated 3 years ago
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆49Updated 7 years ago
• palantir / exploitguard
  Documentation and supporting script sample for Windows Exploit Guard
  ☆156Updated 3 years ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆48Updated 3 months ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆132Updated last year
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆31Updated 4 years ago
• SouhailHammou / Drivers
  Windows Drivers
  ☆98Updated 6 years ago
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆123Updated 4 years ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆146Updated last year
• google / plusfish
  Plusfish is a classic web application vulnerability scanner/fuzzer and aimed at security professionals
  ☆28Updated 2 years ago
• CAPESandbox / community
  Community modules for CAPE Sandbox
  ☆97Updated 2 weeks ago
• nccgroup / WindowsJobLock
  Windows Process Lockdown Tool using Job Objects
  ☆69Updated 11 years ago