QuickSand document and PDF malware analysis tool written in Python
☆138Feb 16, 2026Updated 2 weeks ago
Alternatives and similar repositories for quicksand
Users that are interested in quicksand are comparing it to the libraries listed below
Sorting:
- cryptam document malware analysis tool☆12Jun 18, 2023Updated 2 years ago
- PDFExaminer Tool - Analyse PDF Malware☆63Aug 12, 2021Updated 4 years ago
- Python emulator for Excel XLM macros.☆18May 25, 2020Updated 5 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34May 17, 2021Updated 4 years ago
- Generates YARA rules to detect malware using API hashing☆17Mar 16, 2021Updated 4 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Jan 18, 2023Updated 3 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Apr 22, 2023Updated 2 years ago
- Threat Box Assessment Tool☆19Aug 15, 2021Updated 4 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- YARA Language Server☆74Feb 3, 2026Updated last month
- Code for my blog post on using S2E for malware analysis☆25Jul 16, 2019Updated 6 years ago
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆52Sep 11, 2025Updated 5 months ago
- NTFS samples☆27Aug 1, 2020Updated 5 years ago
- An open source platform to support analysts to organise their case and tasks☆126Feb 26, 2026Updated last week
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- The EPSS Calculator is a user-friendly web application that calculates the EPSS (Exploit Prediction Scoring System) score based on a prov…☆17Nov 11, 2024Updated last year
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆31Nov 6, 2023Updated 2 years ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆46Feb 24, 2023Updated 3 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆16Jul 30, 2020Updated 5 years ago
- D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit☆29Jan 10, 2026Updated last month
- Lists of not-suitable-for-work words as YARA rules☆29Feb 2, 2026Updated last month
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- service location protocol amplified denial of service attack verification tool☆16Apr 25, 2023Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆55Dec 5, 2024Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆35Feb 2, 2022Updated 4 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- A golang CLI tool to download malware from a variety of sources.☆151Jul 3, 2025Updated 8 months ago
- YARA rule analyzer to improve rule quality and performance☆113Jan 18, 2026Updated last month
- Python tool and library to help analyze files during malware triage and analysis.☆78Jul 2, 2020Updated 5 years ago
- ☆15Nov 25, 2021Updated 4 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Nov 13, 2022Updated 3 years ago
- Various snippets created during malware analysis☆22Apr 29, 2018Updated 7 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆118Updated this week
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago