Malware Analysis tools
☆26Sep 14, 2024Updated last year
Alternatives and similar repositories for MalwareAnalysis
Users that are interested in MalwareAnalysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated 2 months ago
- Zero Wine Tryouts: An open source malware analysis tool☆17Jun 7, 2016Updated 9 years ago
- ☆12Jun 6, 2025Updated 10 months ago
- This library provides functionality for fetching and parsing information about Common Vulnerabilities and Exposures (CVE) using the NIST …☆14May 11, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Proof of concept agentic solver for nfuncs from DEF CON Quals 2025☆23Apr 18, 2025Updated last year
- a small curation of created/stolen scripts for reverse engineering☆12May 3, 2024Updated 2 years ago
- exfiltration/infiltration toolkit☆23Dec 20, 2023Updated 2 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- Microsoft Compound File Binary (CFB) file format Python IO☆15Apr 2, 2026Updated last month
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- PDF Parser is a command line tool and go library for analyzing PDF files.☆14Jan 25, 2024Updated 2 years ago
- Work in Progress repo☆16Apr 18, 2019Updated 7 years ago
- Remote Code Execution vulnerability on ArcSight Logger☆20Jan 24, 2021Updated 5 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 5 years ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Dec 7, 2019Updated 6 years ago
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…☆13Dec 7, 2022Updated 3 years ago
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- A modified fork of Be.HexEditor for use in debug tools☆15Jan 5, 2022Updated 4 years ago
- ☆17Feb 15, 2022Updated 4 years ago
- Python web app for previewing data in a Chrome Profile Folder☆25Jul 1, 2024Updated last year
- Handy scripts to speed up malware analysis☆34Oct 3, 2023Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆29Apr 22, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆18Apr 4, 2019Updated 7 years ago
- A demonstration of how page tables can be used to run arbitrary code in ring-0 and lead to a privesc. Uses CVE-2016-7255 as an example.☆11Jun 11, 2018Updated 7 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆31Feb 15, 2022Updated 4 years ago
- A repository for tracking events related to the MOVEit Transfer Cl0p Campaign☆71Jul 19, 2023Updated 2 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 12 years ago
- ida utilities / plugins / scripts☆98Jan 29, 2026Updated 3 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆13Dec 21, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago
- This repository presents a detailed case study on tracking cryptocurrency transactions and uncovering dark web operations. Using open-sou…☆35Apr 14, 2025Updated last year
- Information about Progress MoveIT CVE☆11Jun 16, 2023Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- List of scripts used for malware analysis☆15Aug 10, 2015Updated 10 years ago
- ☆14Dec 15, 2023Updated 2 years ago