Alternatives and similar repositories for PDF_analysis

Users that are interested in PDF_analysis are comparing it to the libraries listed below

• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆447Updated 2 years ago
• misterch0c / what_is_this_c2
  For all these times you're asking yourself "what is this panel again?"
  ☆255Updated 2 years ago
• WithSecureLabs / snake
  snake - a malware storage zoo
  ☆216Updated last year
• hiddenillusion / AnalyzePDF
  Tool to help analyze PDF files
  ☆186Updated 11 years ago
• 0x0be / PEpper
  An open source script to perform malware static analysis on Portable Executable
  ☆314Updated 2 years ago
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆96Updated 2 weeks ago
• joesecurity / pafishmacro
  Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …
  ☆288Updated 8 years ago
• Neo23x0 / Fnord
  Pattern Extractor for Obfuscated Code
  ☆299Updated 3 years ago
• MalwareCantFly / Vba2Graph
  Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
  ☆278Updated 3 years ago
• Te-k / analyst-scripts
  Scripts to analyze stuff
  ☆147Updated 3 months ago
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆138Updated 4 years ago
• msuhanov / dfir_ntfs
  An NTFS/FAT parser for digital forensics & incident response
  ☆204Updated 7 months ago
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆196Updated 2 months ago
• mkorman90 / regipy
  Regipy is an os independent python library for parsing offline registry hives
  ☆257Updated this week
• mkorman90 / VolatilityBot
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆264Updated 4 years ago
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆138Updated 2 years ago
• unixfreaxjp / malwaremustdie
  repository of tools & resources of the MMD team
  ☆131Updated 2 years ago
• 504ensicsLabs / DAMM
  Differential Analysis of Malware in Memory
  ☆212Updated 8 years ago
• chenerlich / FCL
  FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
  ☆470Updated 4 years ago
• SupportIntelligence / Icewater
  16,432 Free Yara rules created by
  ☆384Updated 6 years ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆203Updated 2 years ago
• Neo23x0 / yarAnalyzer
  Yara Rule Analyzer and Statistics
  ☆375Updated 2 years ago
• KasperskyLab / ForensicsTools
  Tools for DFIR
  ☆120Updated 7 years ago
• k-vitali / Malware-Misc-RE
  Miscellaneous Malware RE
  ☆196Updated 3 years ago
• mitre / multiscanner
  Modular file scanning/analysis framework
  ☆619Updated 5 years ago
• bontchev / pcodedmp
  A VBA p-code disassembler
  ☆473Updated 4 years ago
• nbeede / BoomBox
  Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
  ☆236Updated 2 years ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆338Updated 3 years ago
• JohnLaTwC / PyPowerShellXray
  Python script to decode common encoded PowerShell scripts
  ☆216Updated 7 years ago
• gleeda / memtriage
  Allows you to quickly query a Windows machine for RAM artifacts
  ☆221Updated 4 years ago