Information Security
ExtAnalysis Browser Extension Analysis Framework With ExtAnalysis you can : Download & Analyze Extensions From: Chrome Web Store Firefox Addons Analyze Installed Extensions of: Google Chrome Mozilla Firefox Opera Browser (Coming Soon) Upload and...
Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek...
What is sandfly-filescan? sandfly-filescan is a utility to quickly scan files and report on their entropy (a measure of randomness) and if they are a Linux/Unix ELF type executable. Some malware for Linux is packed...
Malwoverview Malwoverview.py is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware samples, suspect URL and domains. Additionally, it allows us to download and...
AndroPyTool This is a tool for extracting static and dynamic features from Android APKs. It combines different well-known Android apps analysis tools such as DroidBox, FlowDroid, Strace, AndroGuard or VirusTotal analysis. Provided a source...
RepoTele – Hunting Abused Telegram Accounts The following is a part of my talk called “Leveraging Yara Rules to Hunt for Abused Telegram Accounts”, that script is the second step in my research to...
Qiling – Advanced Binary Emulation framework Qiling is an advanced binary emulation framework, with the following features: Cross-platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X86_64, Arm, Arm64, Mips Multiple file formats: PE, MachO,...
Quark Engine An Obfuscation-Neglect Android Malware Scoring System Android malware analysis engine is not a new story. Every antivirus company has its own secrets to build it. With curiosity, we develop a malware scoring...
histstat This is a cross-platform command-line tool for obtaining live, rudimentary network connection data on a computer system. This tool was designed for network and security analysts to easily view connections on a system...
x64dbg x64dbg is an open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive...
