Information Security
Linux Memory Grabber A script for dumping Linux memory and creating Volatility(TM) profiles. To analyze Linux memory, you first need to be able to capture Linux memory. AVML works great, but if your system...
Qiling – Advanced Binary Emulation framework Qiling is an advanced binary emulation framework, with the following features: Cross-platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X86_64, Arm, Arm64, Mips Multiple file formats: PE, MachO,...
DRAKVUF Sandbox DRAKVUF Sandbox is an automated black-box malware analysis system with a DRAKVUF engine under the hood. This project provides you with a friendly web interface that allows you to upload suspicious files to...
CAPE: Malware Configuration And Payload Extraction CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration...
Mitaka Mitaka is an OSINT friendly IOC (Indicator of Compromise) search tool. It works as a Chrome extension and it makes possible to search / scan IOC via the context menu. Features Supported IOC...
mquery: Yara malware queries accelerator Ever had trouble searching for particular malware samples? Our project is an analyst-friendly web GUI to look through your digital warehouse. mquery can be used to search through terabytes...
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open-source software solution for collecting, storing, distributing and sharing cybersecurity indicators and threats about cybersecurity...
ThreatIngestor An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing workflow with SQS, Beanstalk, and custom plugins. ThreatIngestor can be configured to watch Twitter, RSS feeds,...
Loki – Simple IOC Scanner Scanner for Simple Indicators of Compromise Detection is based on four detection methods: File Name IOC Regex match on full file path/name Yara Rule Check Yara signature match on...
PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps a variety of implants within the...
