YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions…
View More YARA 3.9.0 releases, The pattern matching swiss knife
Category: Malware Analysis
maltrail v0.11.34 releases: Malicious traffic detection system
MaltrailĀ is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports…
View More maltrail v0.11.34 releases: Malicious traffic detection system
chkrootkit v0.53 releases: detection rootkits & malware on Linux
Although the Linux system can be protected from the spread of most malware, it is not absolutely safe. If your data center erected a Linux…
View More chkrootkit v0.53 releases: detection rootkits & malware on Linux
stoq v2.0.3 releases: open source framework for enterprise level automated analysis
stoQ is an automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and…
View More stoq v2.0.3 releases: open source framework for enterprise level automated analysis
CryptGrep: IDA python script to search a cryptographic function to analyze malware rapidly
‘CryptGrep’ is an IDA python script which makes it possible to search a cryptographic function to analyze malware rapidly. The same malware family usually use…
View More CryptGrep: IDA python script to search a cryptographic function to analyze malware rapidly
histstat v1.1 releases: history for netstat
histstat This is a cross-platform command line tool for obtaining live, rudimentary network connection data on a computer system. This tool was designed for network…
View More histstat v1.1 releases: history for netstat
pftriage v1.0.1 releases: Python tool and library to help analyze files during malware triage and analysis
pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract the properties of a file…
View More pftriage v1.0.1 releases: Python tool and library to help analyze files during malware triage and analysis
FakeNet-NG v1.4.3 releases: Next Generation Dynamic Network Analysis Tool
FakeNet-NG is a next-generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of…
View More FakeNet-NG v1.4.3 releases: Next Generation Dynamic Network Analysis Tool
malwoverview v1.5 releases: perform an initial and quick triage on a directory containing malware samples
Malwoverview Important aspect: Malwoverview does NOT submit samples to VT. It submits only hashes, so respecting Non-Disclosure Agreements (NDAs). Malwoverview.py is a simple tool to…
View More malwoverview v1.5 releases: perform an initial and quick triage on a directory containing malware samples
EKFiddle v0.8.6 released: A framework to study Exploit Kits
EKFiddle v.0.8.6 A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Changelog # Version 0.8.6 [2019-02-02]…
View More EKFiddle v0.8.6 released: A framework to study Exploit Kits