OneNoteAnalyzer A C# based tool for analyzing malicious OneNote documents Description Recently we came across a few malicious OneNote Documents being distributed in the wild by various threat actors. This...
Malware Analysis / Reverse Engineering
by do son · Published December 15, 2022 · Last modified December 16, 2022
sharem SHAREM is intended to be the ultimate Windows shellcode tool, with support to emulate over 12,000 WinAPIs, virtually all user-mode Windows syscalls, and SHAREM provides numerous new features. SHAREM...
TheMatrix This project was created to ease the malware analysis process. The goal is to create an activator binary whose purpose is to load a user-defined binary and monitor the...
Malware Detection using machine learning Analysis modules: Static: Features are extracted from PE file headers (mainly Optional Header) Dynamic: Features are the API calls traced using Cuckoo Sandbox Datasets construction...
Malware Analysis / Reverse Engineering
by do son · Published November 22, 2022 · Last modified May 11, 2023
DotDumper An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022. The automatic detection and classification of any given file in...
subparse Subparse is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found...
WhacAMole WhacAMole is a program that analyzes processes in memory in an integral way, detecting and alerting of anomalies related to the malware and presenting and saving in files all...
Malware Analysis / Reverse Engineering
by do son · Published October 17, 2022 · Last modified May 1, 2023
THE YARALYZER Visually inspect all of the regex matches (and their sexier, more cloak-and-dagger cousins, the YARA matches) found in binary data and/or text. See what happens when you force various...
systeminformer A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. Features A detailed overview...
hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches). It is an application based on PE-sieve (a library version), so there...
Ransomware Simulator The goal of this repository is to provide a simple, harmless way to check your AV’s protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging...
DroidDetective DroidDetective is a Python tool for analysing Android applications (APKs) for potential malware-related behaviour and configurations. When provided with a path to an application (APK file) Droid Detective will...
Arya – The Reverse YARA Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it as a reverse YARA because it...
Lupo — Malware IOC Extractor Debugging module for Malware Analysis Automation Introduction Working on security incidents that involve malware, we come across situations on a regular basis where we feel...
Verdict-as-a-Service Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code,...
Support Securityonline.info site. Thanks!
