MADLIRA – Malware detection using learning and information retrieval for...
MADLIRA is a tool for Android malware detection. It consists of two components: a TF-IDF component and an SVM learning component. In general, it takes as input a set of malware and benign apps and then...
r2kit – A set of scripts for a radare-based malware code analysis workflow.
r2kit is a set of scripts to help with a workflow for malware code analysis using radare. + sessionstarter.py – Run from inside an r2 session to auto-rename imports, thunks, wrapper functions, and...
harpoon – CLI tool for open source and threat intelligence (OSINT).
harpoon is a Python 3 command-line tool that queries and gathers information from Censys, Shodan, AlienVault OTX, VirusTotal, the MalShare database, TotalHash, Telegram, Twitter, GitHub and many more...
androguard v3.1.0-rc1 – Reverse engineering, Malware and goodware analysis of...
What has changed in androguard v3.1.0-rc1? – Ported Androguard to Python 3! You can now use Python 2.7 or Python >= 3.3. – Tainted Analysis is gone and will be replaced by XREFs using the...
RegParser (rp) is a Python wrapper script for the python-registry framework.
RegParser (rp) is a Python wrapper script for the python-registry framework (@williballenthin [FireEye]). This command-line utility is designed to slightly extend and facilitate the framework's capabilities...
ph0neutria malware crawler.
ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability. This project was inspired by Ragpicker...
masc – A Web Malware Scanner.
masc is a web malware scanner developed during CyberCamp. Features: + Scan any website for malware using the OWASP WebMalwareScanner checksum and YARA rule databases and the ClamAV engine (if available) +...
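The checksum-plus-signature approach the masc excerpt describes, as an added Python example that is not masc's own code: it walks a web root, compares each file's SHA-256 against a known-bad hash set, and applies textual signatures to the file body. masc uses YARA rules and ClamAV for the signature part; here two constructed regexes for common PHP webshell constructs (`eval(base64_decode(` and `system($_GET[...])`) stand in for them. The hash database, the signatures, the `demo()` helper and the sample files it writes to a temporary directory are all constructed for this example.

```python
"""Minimal web-root malware scanner: known-bad checksums plus content signatures.
Added example; not masc's code. Hash set, signatures and sample files are constructed."""
import hashlib
import os
import re
import tempfile

# Constructed signature list standing in for masc's YARA/ClamAV rules.
SIGNATURES = [
    ("php_eval_base64", re.compile(rb"eval\s*\(\s*base64_decode\s*\(")),
    ("php_system_request", re.compile(rb"system\s*\(\s*\$_(GET|POST|REQUEST)\[")),
]


def sha256_file(path, chunk_size=65536):
    """Stream the file so large uploads do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_file(path, bad_hashes, signatures):
    """Return (path, kind, detail) findings for one file.
    kind is 'checksum' (detail = sha256 hex) or 'signature' (detail = rule name)."""
    findings = []
    digest = sha256_file(path)
    if digest in bad_hashes:
        findings.append((path, "checksum", digest))
    with open(path, "rb") as fh:
        data = fh.read()
    for name, pattern in signatures:
        if pattern.search(data):
            findings.append((path, "signature", name))
    return findings


def scan_tree(root, bad_hashes, signatures=SIGNATURES):
    """Walk root top-down; deterministic order so results are reproducible."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in sorted(filenames):
            findings.extend(scan_file(os.path.join(dirpath, name), bad_hashes, signatures))
    return findings


def demo():
    """Build a constructed web root in a temp dir, scan it, return findings
    with paths relative to the root. All file contents below are constructed."""
    with tempfile.TemporaryDirectory() as root:
        files = {
            "index.php": b"<?php echo 'hello'; ?>",
            "uploads/shell.php": b"<?php eval(base64_decode($_POST['x'])); ?>",
            "uploads/cmd.php": b"<?php system($_GET['c']); ?>",
        }
        for rel, content in files.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(content)
        # Pretend cmd.php is already present in the known-bad checksum database.
        bad_hashes = {hashlib.sha256(files["uploads/cmd.php"]).hexdigest()}
        findings = scan_tree(root, bad_hashes)
        return [(os.path.relpath(p, root), kind, detail) for p, kind, detail in findings]


if __name__ == "__main__":
    for path, kind, detail in demo():
        print(f"{kind:9} {path}: {detail}")
```

A checksum hit only catches a file byte-for-byte identical to a known sample, which is why a scanner of this kind pairs it with content signatures; `cmd.php` above is reported twice, once by each method, and `index.php` is clean under both.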
Euphony is a unifier of malware labels for Android.
Euphony is a Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware. From a list of VirusTotal reports, Euphony can parse malware labels and produce a single family per...
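The label-unification step the Euphony excerpt describes, as an added Python example that is not Euphony's code: each vendor label is split into tokens, platform and category words that name no family are dropped, and the remaining family tokens are voted on across vendors. The stop-list, the VirusTotal-style report (`SAMPLE_REPORT`, a vendor-to-label mapping) and the vendor names are all constructed here; Euphony's own vocabulary and scoring are larger than this.

```python
"""Unify noisy AV vendor labels into one family name by cross-vendor voting.
Added example; not Euphony's code. Stop-list and sample report are constructed."""
import re
from collections import Counter

# Constructed stop-list: platform names and category/qualifier words carry no
# family information and must not win the vote.
NOISE_TOKENS = {
    "android", "andr", "androidos", "linux", "win32", "multi",
    "trojan", "adware", "riskware", "spyware", "backdoor", "malware", "virus",
    "worm", "pup", "pua", "heur", "heuristic", "generic", "gen", "agent",
    "artemis", "suspicious", "dangerousobject", "uds", "variant", "sms",
}

# Constructed report in VirusTotal's vendor -> label shape; None = no detection.
SAMPLE_REPORT = {
    "VendorA": "Android.Trojan.FakeInst.A",
    "VendorB": "Trojan:Android/FakeInst.B",
    "VendorC": "Andr/FakeInst-X",
    "VendorD": "Artemis!ABCD1234",
    "VendorE": "UDS:DangerousObject.Multi.Generic",
    "VendorF": "Trojan-SMS.AndroidOS.Opfake.a",
    "VendorG": None,
}


def family_tokens(label):
    """Split one vendor label into its candidate family tokens (a set, so a
    vendor that repeats a word still casts one vote for it)."""
    tokens = set()
    for tok in re.split(r"[^A-Za-z0-9]+", label or ""):
        tok = tok.lower()
        if not tok or tok in NOISE_TOKENS:
            continue
        if len(tok) <= 2 or any(ch.isdigit() for ch in tok):
            # variant suffixes ('A', 'x'), version numbers, hash fragments ('abcd1234')
            continue
        tokens.add(tok)
    return tokens


def unify_labels(report):
    """Return the majority family across vendors plus how many vendors support it.
    'labeled' counts vendors that returned any label, including purely generic ones."""
    votes = Counter()
    labeled = 0
    for _vendor, label in report.items():
        if not label:
            continue
        labeled += 1
        votes.update(family_tokens(label))
    if not votes:
        return {"family": None, "support": 0, "labeled": labeled, "candidates": {}}
    family, support = votes.most_common(1)[0]
    return {"family": family, "support": support, "labeled": labeled,
            "candidates": dict(votes)}


if __name__ == "__main__":
    print(unify_labels(SAMPLE_REPORT))
```

On the constructed report three vendors agree on `fakeinst`, one names `opfake`, and the generic `Artemis` and `DangerousObject` verdicts contribute nothing, so the result is `fakeinst` with support 3 of 6 labeled vendors. The `support`/`labeled` ratio is the figure to threshold on before trusting a family name for a sample.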
robust-atd – Advanced Threat Defense API malware submissions.
robust-atd is an *unofficial/unsupported* set of command-line tools for managing McAfee ATD (Advanced Threat Defense) API malware submissions. "Robust" is a set of tools that leverage the HTTPS REST API of the...
malscan – A Simple PE File Heuristics Scanner.
MalScan is a simple PE file heuristics scanner written in Python that you can use to quickly analyze a PE file and find out whether anything suspicious exists. It is a simple tool, so it doesn't offer...
attackintel – Quickly dump known tactics/techniques of a specific MITRE...
attackintel is a simple Python script to query the MITRE ATT&CK API for the tactics, techniques, mitigations and detection methods of specific threat groups (for threat hunting). attackintel goals: +...
ShellcodeLoader – Small tool to load shellcode or PEs to analyze them.
ShellcodeLoader has been built to quickly debug shellcode extracted during malware analysis in the context of an executable. What ShellcodeLoader does is read a binary file from disk to...
MLRD – Machine Learning Ransomware Detection.
MLRD is a machine-learning-based malware analyser written in Python 3 that can be used to detect ransomware. Features: + Analyses and extracts features from PE file headers to determine whether a file is...
MalPipe – Malware/IOC ingestion and processing engine.
MalPipe is a modular malware (and indicator) collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from multiple feeds, enrich the collected data and...
TIH – Threat Intelligence Hunter framework.
TIH is an intelligence tool that helps you search for IOCs across multiple openly available security feeds and some well-known APIs. The idea behind the tool is to facilitate searching and...
MalwLess Simulator Tool (MST).
MalwLess is an open source tool developed in C# for blue teams that lets you test your SIEM and security systems. Basically, you can simulate the behaviour of a malicious attack or system compromise...
rastrea2r – Collecting & Hunting for IOC with gusto and style.
Description: Ever wanted to turn your AV console into an Incident Response & Threat Hunting machine? Rastrea2r (pronounced "rastreador", hunter in Spanish) is a multi-platform open source tool...
omnibus – The OSINT Omnibus.
An omnibus is a volume containing several novels or other items previously published separately, and that is exactly what the InQuest Omnibus project intends to be for open source...