Modular malware analysis artifact collection and correlation framework
☆54 · Apr 23, 2024 · Updated last year
Alternatives and similar repositories for subparse
Users that are interested in subparse are comparing it to the libraries listed below
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆55 · Dec 5, 2024 · Updated last year
- A tool that adds reproducible UUIDs to YARA rules ☆13 · Apr 24, 2024 · Updated last year
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing ☆24 · May 29, 2023 · Updated 2 years ago
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… ☆16 · Apr 10, 2024 · Updated last year
- A project created with an aim to emulate and test exfiltration of data over different network protocols. ☆31 · Mar 21, 2023 · Updated 3 years ago
- ☆13 · Mar 1, 2024 · Updated 2 years ago
- Identifies metadata of .NET binary files. ☆21 · Apr 3, 2024 · Updated last year
- Proof-of-Concept to evade auditd by writing /proc/PID/mem ☆24 · Aug 21, 2023 · Updated 2 years ago
- ☆39 · Jan 24, 2024 · Updated 2 years ago
- THOR Thunderstorm Collectors ☆25 · Updated this week
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆150 · Sep 22, 2023 · Updated 2 years ago
- Thor Artifacts for Velociraptor ☆19 · Dec 2, 2025 · Updated 3 months ago
- Cmdlets for capturing Windows Events ☆14 · Mar 11, 2022 · Updated 4 years ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\, that contains the implant's path, and whenever powershell pro… ☆85 · Aug 2, 2023 · Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now ☆73 · Nov 4, 2025 · Updated 4 months ago
- Azure AD enumeration over MS Graph ☆81 · Nov 30, 2022 · Updated 3 years ago
- ☆127 · Mar 7, 2026 · Updated last week
- Norimaci is a simple and lightweight malware analysis sandbox for macOS ☆71 · Mar 3, 2020 · Updated 6 years ago
- Malware similarity platform with modularity in mind. ☆80 · Jul 18, 2021 · Updated 4 years ago
- ☆35 · Jun 22, 2021 · Updated 4 years ago
- ☆27 · Aug 18, 2023 · Updated 2 years ago
- ☆80 · Apr 18, 2023 · Updated 2 years ago
- It was developed to speed up the processes of SOC Analysts during analysis ☆46 · Mar 15, 2024 · Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆172 · Jul 20, 2024 · Updated last year
- Imphash-like calculation on Golang binaries ☆49 · Jul 2, 2022 · Updated 3 years ago
- ☆18 · Mar 26, 2024 · Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports. ☆50 · Apr 10, 2024 · Updated last year
- Hooked create process injection for meterpreter ☆23 · Jun 16, 2021 · Updated 4 years ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances. ☆68 · Sep 20, 2024 · Updated last year
- Packet captures of malicious traffic for analysis using Wireshark ☆63 · Jul 10, 2023 · Updated 2 years ago
- ☆18 · Dec 9, 2023 · Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace ☆19 · Aug 3, 2023 · Updated 2 years ago
- Monitor your target continuously for new subdomains! ☆25 · Mar 18, 2023 · Updated 3 years ago
- Standardized Malware Analysis Tool ☆56 · Mar 9, 2021 · Updated 5 years ago
- Mobile Helper Framework (mhf) is a tool that automates the process of identifying the framework/technology used to create a mobile applic… ☆26 · Dec 23, 2025 · Updated 2 months ago
- Python library for threat intelligence ☆93 · Jan 14, 2025 · Updated last year
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add. ☆29 · Apr 3, 2025 · Updated 11 months ago
- ☆38 · Oct 16, 2025 · Updated 5 months ago
- All my POC related to malware development ☆15 · Feb 19, 2026 · Updated last month