snemes / malware-analysis

Related projects ⓘ

Alternatives and complementary repositories for malware-analysis

• WMSR / utils
  ☆10Updated 4 years ago
• Dump-GUY / CAPA_JsonConver
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆21Updated 2 years ago
• Tera0017 / TAFOF-Unpacker
  TA505 unpacker Python 2.7
  ☆46Updated 4 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 3 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• DissectMalware / MDIExtractor
  ☆15Updated 2 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆30Updated 4 years ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆27Updated last year
• ruppde / yara_rules
  Yara rules
  ☆19Updated last year
• arieljt / VTCodeBlocks-Maltego
  Maltego transforms to pivot between PE files based on their VirusTotal codeblocks
  ☆18Updated 3 years ago
• rmdavy / AmsiPEBWalkVBA
  Walking the PEB in VBA
  ☆22Updated 4 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆37Updated last year
• mauronz / binja-emotet
  ☆18Updated 4 years ago
• usualsuspect / yara_vt_mock
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆21Updated last year
• skelsec / pypykatz-volatility3
  pypykatz plugin for volatility3 framework
  ☆31Updated 7 months ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• kirk-sayre-work / xlmulator
  Python emulator for Excel XLM macros.
  ☆18Updated 4 years ago
• aaronst / talks
  Presentation materials for talks I've given.
  ☆20Updated 5 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 3 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• rivitna / APT
  ☆13Updated 2 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆33Updated 2 years ago
• robindimyan / apthowto
  Liberating dem proprietary APT implants
  ☆21Updated 4 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆41Updated 5 years ago
• WithSecureLabs / dotnet-gargoyle
  A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
  ☆50Updated 5 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆28Updated 4 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• obscuritylabs / PeFixup
  PE File Blessing - To continue or not to continue
  ☆86Updated 4 years ago