mandiant/stringsifter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/stringsifter)

mandiant / stringsifter

A machine learning tool that ranks strings based on their relevance for malware analysis.

☆752

Alternatives and similar repositories for stringsifter

Users that are interested in stringsifter are comparing it to the libraries listed below

Sorting:

mandiant / flare-floss
View on GitHub
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
☆3,897Updated this week
mandiant / capa
View on GitHub
The FLARE team's open-source tool to identify capabilities in executable files.
☆5,844Updated this week
mandiant / speakeasy
View on GitHub
Windows kernel and user mode emulation.
☆1,852Feb 19, 2026Updated last week
JPCERTCC / MalConfScan
View on GitHub
Volatility plugin for extracts configuration data of known malware
☆495Dec 22, 2023Updated 2 years ago
Neo23x0 / yarGen
View on GitHub
yarGen is a generator for YARA rules
☆1,776Jan 10, 2026Updated last month
OTRF / Security-Datasets
View on GitHub
Re-play Security Events
☆1,723Mar 20, 2024Updated last year
sbousseaden / EVTX-ATTACK-SAMPLES
View on GitHub
Windows Events Attack Samples
☆2,515Jan 24, 2023Updated 3 years ago
mandiant / capa-rules
View on GitHub
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
☆693Feb 19, 2026Updated last week
CERT-Polska / mquery
View on GitHub
YARA malware query accelerator (web frontend)
☆437Feb 3, 2026Updated 3 weeks ago
CERT-Polska / malduck
View on GitHub
Malduck is your ducky companion in malware analysis journeys
☆349Jun 22, 2025Updated 8 months ago
0x4D31 / fatt
View on GitHub
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
☆679Oct 28, 2023Updated 2 years ago
JusticeRage / Manalyze
View on GitHub
A static analyzer for PE executables.
☆1,107Updated this week
CERT-Polska / drakvuf-sandbox
View on GitHub
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
☆1,266Feb 20, 2026Updated last week
Neo23x0 / signature-base
View on GitHub
YARA signature and IOC database for my scanners and tools
☆2,869Feb 5, 2026Updated 3 weeks ago
advanced-threat-research / Yara-Rules
View on GitHub
Repository of YARA rules made by Trellix ATR Team
☆625Mar 18, 2025Updated 11 months ago
alexandreborges / malwoverview
View on GitHub
Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
☆3,548Jan 20, 2026Updated last month
carbonblack / binee
View on GitHub
Binee: binary emulation environment
☆529Feb 25, 2023Updated 3 years ago
Neo23x0 / munin
View on GitHub
Online hash checker for Virustotal and other services
☆846Mar 21, 2025Updated 11 months ago
binref / refinery
View on GitHub
High Octane Triage Analysis
☆817Updated this week
OTRF / ThreatHunter-Playbook
View on GitHub
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
☆4,486Jan 12, 2026Updated last month
InQuest / awesome-yara
View on GitHub
A curated list of awesome YARA rules, tools, and people.
☆4,138Mar 26, 2025Updated 11 months ago
JPCERTCC / aa-tools
View on GitHub
Artifact analysis tools by JPCERT/CC Analysis Center
☆462Aug 14, 2025Updated 6 months ago
certsocietegenerale / fame
View on GitHub
FAME Automates Malware Evaluation
☆928Dec 16, 2025Updated 2 months ago
mandiant / flare-vm
View on GitHub
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…
☆8,378Dec 23, 2025Updated 2 months ago
hasherezade / pe-sieve
View on GitHub
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
☆3,562Oct 31, 2025Updated 3 months ago
kevoreilly / CAPEv2
View on GitHub
Malware Configuration And Payload Extraction
☆3,019Feb 19, 2026Updated last week
ctxis / CAPE
View on GitHub
Malware Configuration And Payload Extraction
☆761Nov 22, 2024Updated last year
decalage2 / ViperMonkey
View on GitHub
A VBA parser and emulation engine to analyze malicious macros.
☆1,118Jul 10, 2024Updated last year
StrangerealIntel / CyberThreatIntel
View on GitHub
Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
☆723Dec 26, 2022Updated 3 years ago
Velocidex / velociraptor
View on GitHub
Digging Deeper....
☆3,771Updated this week
yeti-platform / yeti
View on GitHub
Your Everyday Threat Intelligence
☆1,951Feb 12, 2026Updated 2 weeks ago
DissectMalware / XLMMacroDeobfuscator
View on GitHub
Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
☆585May 5, 2024Updated last year
ION28 / BLUESPAWN
View on GitHub
An Active Defense and EDR software to empower Blue Teams
☆1,316Aug 10, 2023Updated 2 years ago
eset / malware-ioc
View on GitHub
Indicators of Compromises (IOC) of our various investigations
☆1,917Feb 20, 2026Updated last week
Rurik / Noriben
View on GitHub
Noriben - Portable, Simple, Malware Analysis Sandbox
☆1,231Aug 7, 2025Updated 6 months ago
CERT-Polska / karton
View on GitHub
Distributed malware processing framework based on Python, Redis and S3.
☆461Dec 1, 2025Updated 2 months ago
0x0be / PEpper
View on GitHub
An open source script to perform malware static analysis on Portable Executable
☆329May 23, 2023Updated 2 years ago
JPCERTCC / MalConfScan-with-Cuckoo
View on GitHub
Cuckoo Sandbox plugin for extracts configuration data of known malware
☆135Dec 22, 2023Updated 2 years ago
hasherezade / hollows_hunter
View on GitHub
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
☆2,313Oct 31, 2025Updated 3 months ago