Category: Malware Analysis

Linux Malware Analysis Sandbox

ELFEN: Automated Linux Malware Analysis Sandbox

ELFEN: Linux Malware Analysis Sandbox ELFEN is a dockerized sandbox for analyzing Linux (file type: ELF) malware. It leverages an array of open-source technologies to perform both static and dynamic analysis. Results are available...

threat hunting framework

Crawlector v2.3 releases: threat hunting framework

Crawlector Crawlector (the name Crawlector is a combination of Crawler & Detector) is a threat hunting framework designed for scanning websites for malicious objects. Note-1: The framework was first presented at the No Hat conference in Bergamo, Italy on...

YARA rule analyzer

yaraQA: YARA rule analyzer

yaraQA YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of...
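The "syntactically correct but still dysfunctional" problem the teaser describes is easy to illustrate: a rule that compiles can still carry a three-byte text atom that matches everywhere, a hex string made only of wildcards, or a condition that references a string that was never defined. The following is an added example written for this page, not code from the yaraQA project: a small, stdlib-only rule linter that runs those three kinds of check over a constructed ruleset. It assumes single-line string definitions and a `strings:`/`condition:` layout and ignores `meta:`; a real linter would use a full YARA parser.

```python
import re

# Constructed sample rules (not taken from the yaraQA project); all three are syntactically valid YARA.
SAMPLE_RULES = r'''
rule clean_mz_loader {
    strings:
        $mz = { 4D 5A 90 00 }
        $s1 = "VirtualAllocEx" ascii
    condition:
        $mz at 0 and $s1
}

rule sloppy_strings {
    strings:
        $a = "cmd"               // 3-byte atom: expensive to scan and matches everywhere
        $b = "powershell -enc"
        $unused = "mimikatz"     // defined but never used by the condition
    condition:
        $a or $b
}

rule broken_condition {
    strings:
        $h = { ?? ?? ?? ?? }     // no fixed bytes: the scanner has nothing to anchor on
    condition:
        $h and $missing          // $missing was never defined
}
'''

MIN_ATOM_LEN = 4  # assumed threshold for "too short to be a useful atom"
RULE_RE = re.compile(r"rule\s+(\w+)[^{]*\{(.*?)\n\}", re.S)
STRING_RE = re.compile(r"^\s*(\$\w*)\s*=\s*(.*?)\s*$", re.M)
TEXT_RE = re.compile(r'"((?:\\.|[^"\\])*)"')
# string references in a condition: $a, #a (count), @a (offset), !a (length), $a* and $* wildcards
REF_RE = re.compile(r"(?<!\w)[$#@!](\w+\*?|\*)")
COMMENT_RE = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*', re.S)

def strip_comments(body):
    """Drop // and /* */ comments while leaving quoted string literals untouched."""
    return COMMENT_RE.sub(lambda m: m.group(0) if m.group(0).startswith('"') else "", body)

def text_len(literal):
    """Length in bytes of a text string, counting an escape such as \\x41 or \\" as one byte."""
    return len(re.findall(r"\\x[0-9A-Fa-f]{2}|\\.|.", literal))

def analyze_rule(name, body):
    issues = []
    body = strip_comments(body)
    s_idx, c_idx = body.find("strings:"), body.find("condition:")
    if c_idx < 0:
        return [(name, "no condition section")]
    strings_part = body[s_idx + len("strings:"):c_idx] if 0 <= s_idx < c_idx else ""
    condition = body[c_idx + len("condition:"):]

    defined = []
    for ident, value in STRING_RE.findall(strings_part):
        defined.append(ident)
        if value.startswith('"'):
            m = TEXT_RE.match(value)
            if m and text_len(m.group(1)) < MIN_ATOM_LEN:
                issues.append((name, f"{ident}: text string shorter than {MIN_ATOM_LEN} bytes"))
        elif value.startswith("{"):
            tokens = value.strip("{} \t").split()
            if all(t == "??" or t.startswith("[") for t in tokens):
                issues.append((name, f"{ident}: hex string has no fixed bytes"))

    refs = {"$" + r for r in REF_RE.findall(condition)}
    wildcard = "them" in condition.split() or any(r.endswith("*") for r in refs)
    for ref in sorted(refs):
        if ref.endswith("*"):
            if not any(d.startswith(ref[:-1]) for d in defined):
                issues.append((name, f"{ref}: wildcard matches no defined string"))
        elif ref not in defined:
            issues.append((name, f"{ref}: referenced in condition but never defined"))
    if not wildcard:
        for ident in defined:
            if ident not in refs:
                issues.append((name, f"{ident}: defined but never used in condition"))
    return issues

def analyze(text):
    """Run the checks over every rule in a ruleset; returns a list of (rule name, issue)."""
    return [issue for name, body in RULE_RE.findall(text) for issue in analyze_rule(name, body)]

if __name__ == "__main__":
    for rule, issue in analyze(SAMPLE_RULES):
        print(f"{rule}: {issue}")
```

Run it and the clean rule produces nothing, while the other two report the short atom, the unused string, the all-wildcard hex string and the undefined reference. Note that the undefined-reference case is one the `yara` compiler already rejects; the other three compile cleanly and are exactly the class of defect a linter has to catch.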

extract PE file

IATelligence: extract the IAT of a PE file

IATelligence IATelligence is a Python script that extracts the Import Address Table (IAT) from a PE file and uses OpenAI’s GPT-3 model to provide details about each Windows API imported by the file. The...
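Extracting the imports the teaser refers to means walking the PE import directory: the data directory entry points at an array of import descriptors, each naming a DLL and pointing at a thunk array whose entries are either an ordinal or the RVA of a hint/name record. The block below is an added example for this page, not IATelligence's code (which the teaser says is a Python script, presumably built on a PE library; this one uses only the standard library). It builds a constructed, non-runnable PE32 image with one `KERNEL32.dll` descriptor so that it runs offline, then parses that image; the parser handles both PE32 and PE32+ thunk widths. The names, hints and ordinal in the sample are made up.

```python
import struct

SECTION_RVA, SECTION_RAW = 0x1000, 0x200  # where the single .idata section lives (RVA / file offset)

def build_sample_pe():
    """Constructed minimal PE32 image with one import descriptor (KERNEL32.dll).
    It is not a real binary and will not run; it only exercises the import-table layout."""
    payload = bytearray()
    rva = lambda: SECTION_RVA + len(payload)

    dll_rva = rva(); payload += b"KERNEL32.dll\0"
    hint_name_rvas = []
    for hint, name in ((0x12, b"CreateFileW"), (0x34, b"VirtualAlloc")):   # made-up hints
        if len(payload) % 2: payload += b"\0"              # hint/name entries are 2-byte aligned
        hint_name_rvas.append(rva()); payload += struct.pack("<H", hint) + name + b"\0"
    while len(payload) % 4: payload += b"\0"
    thunks = hint_name_rvas + [0x80000000 | 7, 0]          # third import by ordinal 7, then terminator
    ilt_rva = rva(); payload += b"".join(struct.pack("<I", t) for t in thunks)  # OriginalFirstThunk
    iat_rva = rva(); payload += b"".join(struct.pack("<I", t) for t in thunks)  # FirstThunk (the IAT)
    idt_rva = rva(); payload += struct.pack("<5I", ilt_rva, 0, 0, dll_rva, iat_rva) + bytes(20)

    hdr = bytearray(SECTION_RAW)
    hdr[:2] = b"MZ"; struct.pack_into("<I", hdr, 0x3C, 0x40)                 # e_lfanew
    hdr[0x40:0x44] = b"PE\0\0"
    coff = 0x44
    struct.pack_into("<HHIIIHH", hdr, coff, 0x14C, 1, 0, 0, 0, 224, 0x102)  # i386, 1 section, PE32 opt hdr
    opt = coff + 20
    struct.pack_into("<H", hdr, opt, 0x10B)                                  # PE32 magic
    struct.pack_into("<II", hdr, opt + 32, 0x1000, SECTION_RAW)              # SectionAlignment, FileAlignment
    struct.pack_into("<II", hdr, opt + 56, 0x2000, SECTION_RAW)              # SizeOfImage, SizeOfHeaders
    struct.pack_into("<I", hdr, opt + 92, 16)                                # NumberOfRvaAndSizes
    struct.pack_into("<II", hdr, opt + 96 + 8, idt_rva, 40)                  # DataDirectory[1] = imports
    struct.pack_into("<8sIIIIIIHHI", hdr, opt + 224, b".idata", len(payload), SECTION_RVA,
                     SECTION_RAW, SECTION_RAW, 0, 0, 0, 0, 0x40000040)        # one section header
    return bytes(hdr) + bytes(payload).ljust(SECTION_RAW, b"\0")

def parse_imports(data):
    """Return {dll_name: [imported symbol or '#ordinal', ...]} from a PE32/PE32+ file image."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    coff = e_lfanew + 4
    nsec = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:     # PE32: data directories at +96, 4-byte thunks
        dd_off, tsize, ord_flag = 96, 4, 0x80000000
    elif magic == 0x20B:   # PE32+: data directories at +112, 8-byte thunks
        dd_off, tsize, ord_flag = 112, 8, 1 << 63
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    imp_rva = struct.unpack_from("<II", data, opt + dd_off + 8)[0]   # directory index 1 = imports

    sections = []
    for i in range(nsec):
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, opt + opt_size + 40 * i + 8)
        sections.append((va, max(vsize, rawsize), rawptr))

    def rva2off(rva):   # map an RVA to a file offset through the section table
        for va, size, rawptr in sections:
            if va <= rva < va + size:
                return rva - va + rawptr
        raise ValueError(f"RVA {rva:#x} lies outside every section")

    def cstr(off):
        return data[off:data.index(b"\0", off)].decode("ascii")

    imports = {}
    if imp_rva == 0:
        return imports
    desc = rva2off(imp_rva)
    while desc + 20 <= len(data):
        oft, _, _, name_rva, ft = struct.unpack_from("<5I", data, desc)
        if name_rva == 0 and ft == 0:       # all-zero descriptor terminates the table
            break
        thunk, entries = rva2off(oft or ft), []   # prefer the ILT; fall back to the IAT if absent
        while True:
            val = int.from_bytes(data[thunk:thunk + tsize], "little")
            if val == 0:
                break
            entries.append(f"#{val & 0xFFFF}" if val & ord_flag else cstr(rva2off(val) + 2))
            thunk += tsize
        imports[cstr(rva2off(name_rva))] = entries
        desc += 20
    return imports

if __name__ == "__main__":
    for dll, symbols in parse_imports(build_sample_pe()).items():
        print(dll, symbols)
```

The result for the sample is `KERNEL32.dll -> ['CreateFileW', 'VirtualAlloc', '#7']`. The caveat worth keeping in mind when reading any IAT-based summary: the table only lists what the loader resolves at start-up. Malware that resolves its real API set at run time through `LoadLibrary`/`GetProcAddress`, or hashes names and walks export tables itself, shows a deliberately bland import table, so an empty or minimal IAT is itself a signal rather than proof of harmlessness.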

Windows shellcode tool

sharem: ultimate Windows shellcode tool

sharem SHAREM is intended to be the ultimate Windows shellcode tool, with support to emulate over 12,000 WinAPIs, virtually all user-mode Windows syscalls, and SHAREM provides numerous new features. SHAREM was released on September...