secrary / DrSemu
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
☆272Updated 5 years ago
Alternatives and similar repositories for DrSemu:
Users that are interested in DrSemu are comparing it to the libraries listed below
- Generating YARA rules based on binary code☆208Updated 3 years ago
- Live hunting of code injection techniques☆380Updated 5 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆281Updated 7 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆221Updated 4 years ago
- A tool to detect and crash Cuckoo Sandbox☆293Updated 8 months ago
- Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.☆162Updated 2 years ago
- ☆134Updated 6 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆182Updated 6 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆420Updated 4 years ago
- snake - a malware storage zoo☆216Updated last year
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions☆467Updated 4 years ago
- FLARE Kernel Shellcode Loader☆177Updated 5 years ago
- A malware analysis and classification tool.☆190Updated 3 years ago
- Binee: binary emulation environment☆515Updated 2 years ago
- Pattern Extractor for Obfuscated Code☆297Updated 3 years ago
- Official VirusTotal plugin for IDA Pro☆156Updated last year
- Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.☆205Updated 11 years ago
- An open source script to perform malware static analysis on Portable Executable☆312Updated last year
- An attempt at Process Doppelgänging☆182Updated 7 years ago
- A list of ways to execute code on Windows using legitimate Windows tools☆306Updated 5 years ago
- MoP - "Master of Puppets" - Advanced malware tracking framework☆80Updated 7 months ago
- x86 emulation and shellcode detection☆151Updated last year
- Automated malware unpacker☆119Updated 9 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆136Updated 2 years ago
- 🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.☆178Updated 5 years ago
- Automatically generate AV byte signatures from sets of similar binaries.☆269Updated 4 months ago
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆314Updated 7 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆447Updated 2 years ago
- Sample use cases of the .NET native code hooking technique☆210Updated 7 years ago
- Static based decoders for malware samples☆93Updated 4 years ago