Alternatives and similar repositories for maldoca

Users that are interested in maldoca are comparing it to the libraries listed below

• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆285Updated last year
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆129Updated last month
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆144Updated 5 years ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆71Updated last year
• hfiref0x / MpEnum
  Enumerate Windows Defender threat families and dump their names according category
  ☆93Updated 6 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆120Updated 2 years ago
• zodiacon / syllabi
  ☆64Updated last year
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆81Updated 3 weeks ago
• 0vercl0k / sic
  Enumerate user mode shared memory mappings on Windows.
  ☆126Updated 4 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆70Updated 2 years ago
• nsacyber / Driver-Collider
  Blocks drivers from loading by using a name collision technique. #nsacyber
  ☆50Updated 8 years ago
• palantir / exploitguard
  Documentation and supporting script sample for Windows Exploit Guard
  ☆169Updated 4 months ago
• hasherezade / antianalysis_demos
  Set of antianalysis techniques found in malware
  ☆133Updated 2 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆35Updated 3 months ago
• avast / yarang
  Alternative YARA scanning engine
  ☆73Updated 3 years ago
• poona / APIMiner
  API Logger for Windows Executables
  ☆80Updated 5 years ago
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆32Updated 5 years ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆144Updated 2 weeks ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆151Updated 6 months ago
• libyal / libmdmp
  Library and tools to access the Windows Minidump (MDMP) format
  ☆43Updated last month
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆118Updated 2 years ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆82Updated 4 months ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆46Updated last month
• NtRaiseHardError / Kaiser
  Fileless persistence, attacks and anti-forensic capabilties.
  ☆93Updated 7 years ago
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆96Updated 2 years ago
• SouhailHammou / Drivers
  Windows Drivers
  ☆100Updated 6 years ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆219Updated 3 years ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆98Updated 4 years ago
• pathtofile / Sealighter
  Sysmon-Like research tool for ETW
  ☆381Updated 3 years ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆42Updated 2 months ago