What is phpMussel? An ideal solution for shared hosting environments, where it’s often not possible to utilize or install conventional anti-virus protection solutions, phpMussel is…
View More phpMussel v1.9.1 releases: PHP-based anti-virus anti-trojan anti-malware solution
stoQ is an automation framework that helps to simplify the more mundane and repetitive tasks an analyst is required to do. It allows analysts and…
View More stoq v2.0.4 releases: open source framework for enterprise level automated analysis
MISP – Malware Information Sharing Platform and Threat Sharing MISP, Malware Information Sharing Platform, and Threat Sharing is an open source software solution for collecting,…
View More MISP v2.4.105 released – Malware Information Sharing Platform & Threat Sharing
mXtract An open source Linux based tool that analyzes and dumps memory. It is developed as an offensive penetration testing tool, which is used to…
View More mXtract v1.1 releases: Memory Extractor & Analyzer
Noriben Malware Analysis Sandbox Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators…
View More Noriben: Portable, Simple, Malware Analysis Sandbox
Sniffles Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles…
View More Sniffles: Packet Capture Generator for IDS and Regular Expression Evaluation
RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file…
View More RetDec v3.3 releases: retargetable machine-code decompiler
Loki – Simple IOC Scanner Scanner for Simple Indicators of Compromise Detection is based on four detection methods: File Name IOC Regex match on full…
View More Loki v0.29.2 released – Simple IOC and Incident Response Scanner
Sigma Generic Signature Format for SIEM Systems What is Sigma? Sigma is a generic and open signature format that allows you to describe relevant log…
View More sigma v0.10 releases: Generic Signature Format for SIEM Systems
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. It allocates memory for the target file and jumps to the base…
View More BlobRunner: debug shellcode extracted during malware analysis