Alternatives and similar repositories for ssdeep

Users that are interested in ssdeep are comparing it to the libraries listed below

• VirusTotal / yara-python
  The Python interface for YARA
  ☆723Updated 7 months ago
• mandiant / capa-rules
  Standard collection of rules for capa: the tool for enumerating the capabilities of programs
  ☆664Updated last week
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,766Updated this week
• MBCProject / mbc-markdown
  MBC content in markdown
  ☆516Updated 7 months ago
• BayshoreNetworks / yextend
  Yara integrated software to handle archive file data.
  ☆321Updated 3 years ago
• CERT-Polska / drakvuf-sandbox
  DRAKVUF Sandbox - automated hypervisor-level malware analysis system
  ☆1,257Updated this week
• trendmicro / tlsh
  ☆816Updated last year
• eset / malware-ioc
  Indicators of Compromises (IOC) of our various investigations
  ☆1,907Updated 3 weeks ago
• Rurik / Noriben
  Noriben - Portable, Simple, Malware Analysis Sandbox
  ☆1,219Updated 5 months ago
• decalage2 / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆1,115Updated last year
• tklengyel / drakvuf
  DRAKVUF Black-box Binary Analysis
  ☆1,193Updated 2 months ago
• JusticeRage / Manalyze
  A static analyzer for PE executables.
  ☆1,098Updated 2 years ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆2,052Updated last month
• Neo23x0 / yarAnalyzer
  Yara Rule Analyzer and Statistics
  ☆396Updated 2 years ago
• ctxis / CAPE
  Malware Configuration And Payload Extraction
  ☆760Updated last year
• libyal / libewf
  Libewf is a library to access the Expert Witness Compression Format (EWF)
  ☆295Updated 3 weeks ago
• reversinglabs / reversinglabs-yara-rules
  ReversingLabs YARA Rules
  ☆888Updated 2 months ago
• rowingdude / analyzeMFT
  analyzeMFT.py is designed to fully parse the MFT file from an NTFS filesystem and present the results as accurately as possible in multip…
  ☆516Updated 5 months ago
• guelfoweb / peframe
  PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
  ☆619Updated 3 years ago
• log2timeline / plaso
  Super timeline all the things
  ☆1,996Updated 3 weeks ago
• mikesxrs / Open-Source-YARA-rules
  YARA Rules I come across on the internet
  ☆358Updated last year
• KasperskyLab / klara
  Kaspersky's GReAT KLara
  ☆730Updated last year
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,835Updated last week
• CERT-Polska / karton
  Distributed malware processing framework based on Python, Redis and S3.
  ☆460Updated last month
• volatilityfoundation / community
  Volatility plugins developed and maintained by the community
  ☆375Updated 4 years ago
• buffer / thug
  Python low-interaction honeyclient
  ☆1,020Updated this week
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆327Updated 3 years ago
• microsoft / avml
  AVML - Acquire Volatile Memory for Linux
  ☆1,042Updated last month
• erocarrera / pefile
  pefile is a Python module to read and work with PE (Portable Executable) files
  ☆2,008Updated last year
• cuckoosandbox / monitor
  The new Cuckoo Monitor.
  ☆351Updated last year