rabbitstack / fibratus
Adversary tradecraft detection, protection, and hunting
(☆2,285, updated this week)
Alternatives and similar repositories for fibratus:
Users interested in fibratus are comparing it to the repositories listed below (star counts and relative update times are as shown on the page; truncated descriptions are left as they appear).
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… (☆2,131, updated last month)
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… (☆3,260, updated 2 weeks ago)
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. (☆3,468, updated 2 weeks ago)
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool (☆1,878, updated 2 months ago)
- Windows kernel and user mode emulation. (☆1,620, updated last month)
- Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall … (☆1,323, updated 2 years ago)
- A static analyzer for PE executables. (☆1,048, updated last year)
- Set of tools to analyze Windows sandboxes for exposed attack surface. (☆2,134, updated 3 months ago)
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… (☆3,129, updated 2 months ago)
- VirusTotal Wanna Be - Now with 100% more Hipster (☆1,680, updated last year)
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU (☆1,662, updated last year)
- The pattern matching swiss knife (☆8,650, updated this week)
- The FLARE team's open-source tool to identify capabilities in executable files. (☆5,224, updated this week)
- Open EDR public repository (☆2,381, updated last year)
- Portable Executable reversing tool with a friendly GUI (☆2,961, updated 3 weeks ago)
- Diaphora, the most advanced Free and Open Source program diffing tool. (☆3,779, updated 4 months ago)
- A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering env… (☆7,067, updated last week)
- Malware Configuration And Payload Extraction (☆2,279, updated this week)
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux (☆2,607, updated last month)
- A True Instrumentable Binary Emulation Framework (☆5,327, updated last week)
- Noriben - Portable, Simple, Malware Analysis Sandbox (☆1,143, updated last year)
- Builds malware analysis Windows VMs so that you don't have to. (☆1,039, updated 3 years ago)
- Rekall Memory Forensic Framework (☆1,945, updated 4 years ago)
- Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11) (☆2,280, updated last month)
- Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Go. (☆5,188, updated last month)
- Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that… (☆3,594, updated 9 months ago)
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long-term o… (☆2,436, updated last month)
- pefile is a Python module to read and work with PE (Portable Executable) files (☆1,921, updated 7 months ago)
- UAC bypass, Elevate, Persistence methods (☆2,661, updated 2 years ago)
- A Pin Tool for tracing API calls etc. (☆1,399, updated last month)