Category: Malware Analysis
Vba2Graph A tool for security researchers, who waste their time analyzing malicious Office macros. Generates a VBA call graph, with potential malicious keywords highlighted. Allows for quick analysis of malicious...
Atomic Red Team is a set of small, highly portable, community-developed detection tests mapped to MITRE’s ATT&CK. ATT&CK was created by and is a trademark of The MITRE Corporation. Our Atomic Red Team tests...
PA Toolkit (Pentester Academy Wireshark Toolkit) PA Toolkit is a collection of traffic analysis plugins to extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to the...
Imaginary C2 Imaginary C2 is a Python tool which aims to help in the behavioural (network) analysis of malware. Imaginary C2 hosts an HTTP server which captures HTTP requests towards...
malice Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale, from an independent researcher to a Fortune 500 company. Changelog...
malscan ClamAV-based malware scanner for Linux web servers. malscan is a scanning platform for Linux servers that simplifies keeping your web servers secure and malware-free. It is built upon the...
Fnord Fnord is a pattern extractor for obfuscated code. Fnord has two main functions: extract byte sequences and create some statistics; then use these statistics, combined length, number of occurrences, similarity...
NEMEA System NEMEA (Network Measurements Analysis) system is a stream-wise, flow-based and modular detection system for network traffic analysis. It consists of many independent modules which are interconnected via communication interfaces and each of the...
pestudio is used by many Computer Emergency Response Teams (CERT) worldwide in order to perform Malware Initial Assessment. Malicious software often attempts to hide its intents in order to evade early...
rosenbridge project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 (userland) code to circumvent processor protections to freely read and...
BinaryAlert is an open-source serverless AWS pipeline where any file uploaded to an S3 bucket is immediately scanned with a configurable set of YARA rules. An alert will fire as soon as...
exotron Sandbox Feature Upgrader. What it does: it’s so sad that big sandbox vendors do not provide the information that a blue teamer would like to see in the reports....
What is MalZoo? MalZoo is a mass static malware analysis tool that collects the information in a Mongo database and moves the malware samples to a repository directory based on...
Yabin creates Yara signatures from executable code within malware. Given one sample of malware, you can then find other samples that share code. It does this by looking for rare...
Fridump Fridump (v0.1) is an open source memory dumping tool, primarily aimed at penetration testers and developers. Fridump uses the Frida framework to dump accessible memory addresses from any...