CRITs – Collaborative Research Into Threats
Collaborative Research Into Threats (CRITs) is a web-based tool which combines an analytic engine with a cyber threat database that not only serves as a repository for attack data and...
Introduction Snake is a malware storage zoo that was built out of the need for a centralized and unified storage solution for malicious samples that could seamlessly integrate into the...
Forensics / Information Gathering / Malware Analysis / Web Information Gathering
by do son · Published June 5, 2018 · Last modified May 1, 2024
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables (e.g. resolve domains,...
GReAT’s KLara project: KLara is aimed at helping threat intelligence researchers hunt for new malware using Yara. In order to hunt efficiently for malware, one needs a large collection of...
mquery: Yara malware queries accelerator Ever had trouble searching for particular malware samples? Our project is an analyst-friendly web GUI to look through your digital warehouse. mquery can be used...
malsub is a Python 3.6.x framework that wraps several web services of online malware and URL analysis sites through their RESTful Application Programming Interfaces (APIs). It supports submitting files or URLs for analysis, retrieving...
HaboMalHunter is a sub-project of the Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on Linux systems. The tool helps security analysts extract...
DRAKVUF Introduction It is a virtualization-based agentless black-box binary analysis system. DRAKVUF allows for in-depth execution tracing of arbitrary binaries (including operating systems), all without having to install any special...
Detux: The Multiplatform Linux Sandbox Introduction: It is a sandbox developed to do traffic analysis of Linux malware and capture the IOCs by doing so. The QEMU hypervisor is used...
malware-jail Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js malware-jail is written for Node’s ‘vm’ sandbox. Currently implements the WScript (Windows Scripting Host) context env/wscript.js, at least the...
MADLIRA Malware detection using learning and information retrieval for Android Overview MADLIRA is a tool for Android malware detection. It consists of two components: a TF-IDF component and an SVM learning component....
Zenected is a cloud-based security threat protection service. It’s delivered through a set of pre-configured services. Once a user connects to Zenected, that user’s network traffic is filtered to keep the...
Flare is a network analytic framework designed for data scientists, security researchers, and network professionals. Written in Python, it is designed for rapid prototyping and development of behavioral analytics and...
gscript Genesis Scripting Engine Genesis Scripting (gscript for short) is a technology I’ve developed to enable more intelligent malware stagers. Typically, stagers are pretty dumb. Most stagers are unique to...
Malware Analysis / Reverse Engineering
by do son · Published March 30, 2018 · Last modified September 18, 2021
Process Hacker A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Features A detailed overview of system activity with highlighting. Graphs and statistics...