Alternatives and similar repositories for PDF_analysis

Users that are interested in PDF_analysis are comparing it to the libraries listed below

• hiddenillusion / AnalyzePDF
  Tool to help analyze PDF files
  ☆186Updated 10 years ago
• Neo23x0 / Fnord
  Pattern Extractor for Obfuscated Code
  ☆298Updated 3 years ago
• 0x0be / PEpper
  An open source script to perform malware static analysis on Portable Executable
  ☆312Updated last year
• airbus-cert / regrippy
  A modern Python-3-based alternative to RegRipper
  ☆195Updated last month
• misterch0c / what_is_this_c2
  For all these times you're asking yourself "what is this panel again?"
  ☆255Updated 2 years ago
• mkorman90 / VolatilityBot
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆264Updated 3 years ago
• Velocidex / c-aff4
  An AFF4 C++ implementation.
  ☆200Updated 2 years ago
• 504ensicsLabs / DAMM
  Differential Analysis of Malware in Memory
  ☆211Updated 8 years ago
• SupportIntelligence / Icewater
  16,432 Free Yara rules created by
  ☆383Updated 5 years ago
• MalwareCantFly / Vba2Graph
  Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
  ☆278Updated 3 years ago
• williballenthin / INDXParse
  Tool suite for inspecting NTFS artifacts.
  ☆221Updated last year
• felixweyne / imaginaryC2
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆447Updated 2 years ago
• chenerlich / FCL
  FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
  ☆467Updated 4 years ago
• Xumeiquer / yara-forensics
  Set of Yara rules for finding files using magics headers
  ☆137Updated 4 years ago
• ANSSI-FR / polichombr
  Collaborative malware analysis framework
  ☆375Updated 6 years ago
• CERT-Polska / mquery
  YARA malware query accelerator (web frontend)
  ☆426Updated last month
• Te-k / analyst-scripts
  Scripts to analyze stuff
  ☆147Updated last month
• nbeede / BoomBox
  Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
  ☆236Updated 2 years ago
• KasperskyLab / ForensicsTools
  Tools for DFIR
  ☆120Updated 7 years ago
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆96Updated this week
• mandiant / ShimCacheParser
  ☆276Updated 2 years ago
• HynekPetrak / malware-jail
  Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
  ☆469Updated last year
• tomchop / unxor
  unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
  ☆142Updated 5 years ago
• mgoffin / malwarecookbook
  Malware Analyst's Cookbook stuffs
  ☆156Updated 9 years ago
• PoorBillionaire / Windows-Prefetch-Parser
  Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files
  ☆117Updated 11 months ago
• kevthehermit / VolUtility
  Web App for Volatility framework
  ☆380Updated 5 months ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆289Updated 7 years ago
• williballenthin / EVTXtract
  EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.
  ☆192Updated 2 months ago
• volatilityfoundation / profiles
  Volatility profiles for Linux and Mac OS X
  ☆323Updated 2 years ago
• mkorman90 / regipy
  Regipy is an os independent python library for parsing offline registry hives
  ☆256Updated 2 weeks ago