malware-analysis
Here are 417 public repositories matching this topic...
- A curated list of awesome malware analysis tools and resources. (Updated Nov 5, 2019; 622 commits)
- A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public. (Python; updated Nov 4, 2019; 200 commits)
- Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. (JavaScript; updated Nov 4, 2019; 1 commit)
- This repository was created and developed by Ammar Amer @cry__pto only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 PDF files. Learn ethical hacking and penetration testing: hundreds of ethical hacking, penetration testing, red team, cyber security and computer science resources. (Updated Nov 4, 2019; 180 commits)
Some documentation pages have external references to an asciinema, which have expired.
As a consequence, the documentation on both pages shows a big ugly "This recording has been archived".
I quickly grep-ed the following pages:
- is-syscall (@daniellimws)
- [syscall-args](https://gef.readthedocs.io/en/dev/commands/syscall
Hello everyone!
I have a few doubts on how events are handled across MISP instances and orgs. As I still don't have complete command of the code and my curiosity is killing me, I'm coming here to ask for help =]
- In the situation where a site admin edits an event from another org and publishes it, what exactly will happen with that information? Suppose it has a distribution level of "All communities".
Wil
Description
In pwndbg release 2017.02.01 build: 1ab3de0, when registers changed while debugging a program, there would be an asterisk near the changed register which could be customized with context-register-changed-marker and context-register-changed-color.
These config options are still available, however in later releases (both 2018.07.29 and 2019.01.25) there doesn't seem to be a
- PowerShell; updated Nov 4, 2019; 114 commits
- LIEF - Library to Instrument Executable Formats (C++; updated Nov 3, 2019; 697 commits)
- oletools - Python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging. (Rich Text Format; updated Nov 4, 2019; 1 commit)
- FakeNet-NG - Next Generation Dynamic Network Analysis Tool (Python; updated Oct 30, 2019; 287 commits)
- Malcom - Malware Communications Analyzer (Python; updated Oct 25, 2019; 708 commits)
- A curated list of awesome YARA rules, tools, and people. (Updated Nov 4, 2019; 184 commits)
- Sandboxed Execution Environment (Python; updated Oct 27, 2019; 244 commits)
- Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android (YARA; updated Nov 4, 2019; 244 commits)
- makin - reveal anti-debugging and anti-VM tricks (C++; updated Nov 1, 2019; 111 commits)
- FAME Automates Malware Evaluation (Python; updated Nov 4, 2019; 52 commits)
- HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system. (Python; updated Nov 1, 2019; 39 commits)
- A VBA parser and emulation engine to analyze malicious macros. (Python; updated Nov 4, 2019; 829 commits)
- DRAKVUF Black-box Binary Analysis (C; updated Nov 2, 2019; 614 commits)
- Windows driver with usermode interface which can hide objects of the file system and registry, protect processes, etc. (C; updated Nov 3, 2019; 96 commits)
Simple step-by-step
Wouldn't it be a good idea to create a simple introduction to the system, i.e. how to go from cloning the repo to actually being able to analyze a file? This would be a great part, such that more people can use the framework.

Is your feature request related to a problem? Please describe.
Add support for MobiCore Loadable Format (MCLF), which is used by trustlet and driver binaries.
Describe alternatives you've considered
https://github.com/ghassani/mclf-ida-loader
https://github.com/NeatMonster/mclf-ghidra-loader