rabbitstack / fibratus
Adversary tradecraft detection, protection, and hunting
☆2,271 Updated this week
Alternatives and similar repositories for fibratus:
Users that are interested in fibratus are comparing it to the libraries listed below
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆2,106 Updated this week
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,225 Updated last week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,854 Updated last month
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,412 Updated this week
- The FLARE team's open-source tool to identify capabilities in executable files. ☆5,131 Updated this week
- Portable Executable reversing tool with a friendly GUI ☆2,896 Updated 2 months ago
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,090 Updated 3 weeks ago
- A Pin Tool for tracing API calls etc ☆1,380 Updated 2 weeks ago
- Windows kernel and user mode emulation. ☆1,576 Updated this week
- Set of tools to analyze Windows sandboxes for exposed attack surface. ☆2,114 Updated 2 months ago
- VirusTotal Wanna Be - Now with 100% more Hipster ☆1,670 Updated last year
- Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall … ☆1,317 Updated 2 years ago
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,662 Updated last year
- windows kernel security development ☆1,979 Updated 2 years ago
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11) ☆2,251 Updated this week
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux ☆2,574 Updated last month
- Reverse engineering framework in Python ☆3,565 Updated 3 weeks ago
- A static analyzer for PE executables. ☆1,043 Updated last year
- Diaphora, the most advanced Free and Open Source program diffing tool. ☆3,740 Updated 2 months ago
- A Coverage Explorer for Reverse Engineers ☆2,319 Updated 7 months ago
- A collection of links related to VMware escape exploits ☆1,396 Updated 5 months ago
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,139 Updated last year
- Open EDR public repository ☆2,343 Updated last year
- Rekall Memory Forensic Framework ☆1,940 Updated 4 years ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. ☆6,098 Updated last month
- The pattern matching swiss knife ☆8,542 Updated last week
- Binary code static analyser, with IDA integration. Performs value and taint analysis, type reconstruction, use-after-free and double-free… ☆1,738 Updated 4 months ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env… ☆6,922 Updated this week
- Collaborative Malware Analysis Platform at Scale ☆736 Updated 3 weeks ago
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that… ☆3,535 Updated 8 months ago