Category: Malware Analysis
What is PurpleLab? This solution lets you easily deploy an entire lab to create and test your detection rules, simulate logs, run tests, download and run malware, and exercise MITRE ATT&CK...
Indetectables Toolkit This tool compilation is carefully crafted to be useful both for beginners and veterans of the malware analysis world. It has also proven useful for people trying their...
OpenArk OpenArk is an open-source anti-rootkit (ARK) tool for Windows. ARK is short for Anti-Rootkit; it aims to be a reversing/programming helper, and it also lets users find hidden malware in the OS....
ELFEN: Linux Malware Analysis Sandbox ELFEN is a dockerized sandbox for analyzing Linux (file type: ELF) malware. It leverages an array of open-source technologies to perform both static and dynamic...
de4py De4py is an advanced Python deobfuscator with a beautiful UI and a set of advanced features that enable malware analysts and reverse engineers to deobfuscate Python files and more....
YAMA YAMA is a system for generating scanners that can inspect specific malware during incident response. The scanner generated by YAMA is designed to explore the memory of Windows OS...
VBoxCloak A PowerShell script that attempts to help malware analysts hide their VirtualBox Windows VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish...
Crawlector Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat hunting framework designed for scanning websites for malicious objects. Note-1: The framework was first presented at the No Hat conference...
CryptoTester A utility for playing with cryptography, geared toward ransomware analysis. Hex views: all hex views used in CryptoTester offer a few enhanced capabilities. Null bytes are colored a lighter...
C2-Hunter C2-Hunter is a program designed for malware analysts to extract Command and Control (C2) traffic from malware in real time. The program uses a unique approach by hooking into...
yaraQA A YARA rule analyzer to improve rule quality and performance. Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the...
msidump MSI Dump – a tool that analyzes malicious MSI installation packages, extracts files, streams, and binary data, and incorporates YARA scanner. On Macro-enabled Office documents we can quickly use oletools...
PortexAnalyzerGUI Graphical interface for PortEx, a Portable Executable and Malware Analysis Library PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE...
IATelligence IATelligence is a Python script that extracts the Import Address Table (IAT) from a PE file and uses OpenAI’s GPT-3 model to provide details about each Windows API imported...
PortEx PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and...