Cryptographic Dataset Generation & Modelling Framework
Malcom - Malware Communications Analyzer
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts...
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Interactive Delphi Reconstructor
Ghidra is a software reverse engineering (SRE) framework
Automatic and platform-independent unpacker for Windows binaries based on emulation
VirusTotal Wanna Be - Now with 100% more Hipster
Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant
Simple tool to find the YARA matches in a file
Java library to analyse Portable Executable files with a special focus on malware analysis and PE...
Malware/IOC ingestion and processing engine
A curated list of awesome infosec courses and training resources.
A curated list of resources related to Industrial Control System (ICS) security.
A curated list of awesome forensic analysis tools and resources
A curated list of resources for learning about application security
Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in...
A simple tool to organise large malicious/benign files into an organised structure.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Collaborative malware analysis framework
A warehouse for your malware
Pure Python parser for classic Windows Event Log files (.evt)
An Open Source Malware Analysis Pipeline System
RegRipper version 2.8
WinDBG Anti-RootKit Extension
Windows Live Artifacts Acquisition Script
Web App for Volatility framework
inVtero.net: A high-speed (Gbps) forensics, memory integrity & assurance toolkit. Includes offensive & defensive memory capabilities....
A short and small memory forensics helper.
VolDiff: Malware Memory Footprint Analysis based on Volatility
Based on the Volatility framework, this script will run various plugins as well as create a...
Differential Analysis of Malware in Memory
Analyze web-based network traffic to detect central command and control servers
An ICAP server with a YARA scanner for URLs and content.
Web interface for the Volatility Memory Forensics Framework
Visualize network topologies and collect graph statistics based on pcap files
Malicious traffic detection system
ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows...
Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.
Protocol Analysis/Decoder Framework
Laika BOSS: Object Scanning System
Botnet command & control monitor