Alternatives and similar repositories for maldoca:

Users that are interested in maldoca are comparing it to the libraries listed below

• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆269Updated 4 months ago
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆122Updated 3 weeks ago
• trendmicro / telfhash
  Symbol hash for ELF files
  ☆109Updated 3 years ago
• google / permhash
  ☆43Updated last year
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆116Updated this week
• aleksost / MemoryDecompression
  Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.
  ☆50Updated 6 years ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆42Updated last month
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• stoerchl / yara_zip_module
  ☆13Updated 2 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆114Updated last year
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆33Updated last year
• ohjeongwook / ShellCodeEmulator
  Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment
  ☆121Updated 4 years ago
• hatching / roach
  Cockroach is your primitive & immortal swiss army knife.
  ☆49Updated 3 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆33Updated 4 years ago
• fxb-cocacoding / yara-signator
  Automatic YARA rule generation for Malpedia
  ☆159Updated 2 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆60Updated 8 months ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆73Updated 4 months ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• intezer / analyze-community-ghidra-plugin
  Ghidra plugin for https://analyze.intezer.com
  ☆70Updated 2 years ago
• zodiacon / DotNextSP2019
  DotNext 2019 St. Petersburg Talk Demos
  ☆40Updated 5 years ago
• CAPESandbox / community
  Community modules for CAPE Sandbox
  ☆95Updated last week
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆121Updated 4 years ago
• hfiref0x / MpEnum
  Enumerate Windows Defender threat families and dump their names according category
  ☆90Updated 5 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆96Updated 3 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆70Updated 2 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆53Updated 6 years ago
• williballenthin / viv-utils
  Utilities for working with vivisect
  ☆25Updated last month
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 6 months ago