rabbitstack / fibratus
Adversary tradecraft detection, protection, and hunting
☆2,319 · Updated this week
Alternatives and similar repositories for fibratus:
Users that are interested in fibratus are comparing it to the libraries listed below
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆2,145 · Updated 3 weeks ago
- FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware. ☆3,503 · Updated last week
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool ☆1,895 · Updated 2 weeks ago
- The FLARE team's open-source tool to identify capabilities in executable files. ☆5,269 · Updated last week
- Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem… ☆3,275 · Updated this week
- A static analyzer for PE executables. ☆1,056 · Updated last year
- VirusTotal Wanna Be - Now with 100% more Hipster ☆1,680 · Updated 2 years ago
- Diaphora, the most advanced Free and Open Source program diffing tool. ☆3,812 · Updated 4 months ago
- Windows kernel and user mode emulation. ☆1,635 · Updated 3 weeks ago
- Network Analysis Tool ☆3,226 · Updated 2 years ago
- The pattern matching swiss knife ☆8,705 · Updated 2 weeks ago
- Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po… ☆3,167 · Updated 2 months ago
- A post exploitation framework designed to operate covertly on heavily monitored environments ☆2,090 · Updated 3 years ago
- Malware Configuration And Payload Extraction ☆2,347 · Updated last week
- An advanced memory forensics framework ☆7,638 · Updated last year
- A True Instrumentable Binary Emulation Framework ☆5,389 · Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,116 · Updated last month
- Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall … ☆1,324 · Updated 2 years ago
- Noriben - Portable, Simple, Malware Analysis Sandbox ☆1,149 · Updated last week
- Collaborative Malware Analysis Platform at Scale ☆741 · Updated this week
- DRAKVUF Sandbox - automated hypervisor-level malware analysis system ☆1,120 · Updated this week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log ☆2,877 · Updated 10 months ago
- Rekall Memory Forensic Framework ☆1,947 · Updated 4 years ago
- Python scriptable Reverse Engineering Sandbox, a Virtual Machine instrumentation and inspection framework based on QEMU ☆1,665 · Updated last year
- HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux ☆2,627 · Updated last month
- Repository of yara rules ☆4,362 · Updated last year
- Set of tools to analyze Windows sandboxes for exposed attack surface. ☆2,149 · Updated 4 months ago
- A curated list of awesome YARA rules, tools, and people. ☆3,772 · Updated 3 weeks ago
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. ☆6,267 · Updated last week
- DRAKVUF Black-box Binary Analysis ☆1,113 · Updated this week