keiche

keiche's Stars

• CERT-Polska/mquery

  YARA malware query accelerator (web frontend)

  Language:Python41877

• kevoreilly/CAPEv2

  Malware Configuration And Payload Extraction

  Language:Python2.1k432

• peewpw/Invoke-PSImage

  Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

  Language:PowerShell2.2k399

• WithSecureLabs/snake

  snake - a malware storage zoo

  Language:Shell21740

• avast/retdec

  RetDec is a retargetable machine-code decompiler based on LLVM.

  Language:C++8.1k957

• bontchev/pcodedmp

  A VBA p-code disassembler

  Language:Python45985

• decalage2/oletools

  oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

  Language:Python3k567

• JohnLaTwC/PyPowerShellXray

  Python script to decode common encoded PowerShell scripts

  Language:Python21534

• Cisco-Talos/file2pcap

  Language:C16737

• mandiant/flare-floss

  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  Language:Python3.4k461

• certsocietegenerale/fame

  FAME Automates Malware Evaluation

  Language:Python877169

• PUNCH-Cyber/stoq

  An open source framework for enterprise level automated analysis.

  Language:Python39555

• EmersonElectricCo/fsf

  File Scanning Framework

  Language:Python28949

• viper-framework/viper

  Binary analysis and management framework

  Language:Python1.5k351

• MITRECND/chopshop

  Protocol Analysis/Decoder Framework

  Language:Python490112

• salesforce/ja3

  JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

  Language:Python2.8k294

• gamelinux/passivedns

  A network sniffer that logs all DNS server replies for use in a passive DNS setup

  Language:C1.7k374

• secureworks/flowsynth

  a network packet capture compiler

  Language:Python19631

• arkime/arkime

  Arkime is an open source, large scale, full packet capturing, indexing, and database system.

  Language:JavaScript6.5k1k

• EmersonElectricCo/boomerang

  A tool designed for consistent and safe capture of off network web resources.

  Language:Python386

• google/stenographer

  Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com

  Language:Go1.8k236

• EFForg/yaya

  Yet Another Yara Automaton - Automatically curate open source yara rules and run scans

  Language:Go27127

• sublime-security/sublime-platform

  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.

  Language:Shell17515

• ulid/spec

  The canonical spec for ulid

  9.9k173

• target/strelka

  Real-time, container-based file scanning at enterprise scale

  Language:Python893119

• mewdriller/pr-approval-emoji

  Emoji to use on your GitHub PR approvals.

  Language:JavaScript7

• jshlbrd/laikaboss-modules

  Language:Python172

• lmco/laikaboss

  Laika BOSS: Object Scanning System

  Language:Python744156

• dod-cyber-crime-center/DC3-MWCP

  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.

  Language:Python30556

• jasonish/suricata-rpms

  Suricata RPMs for CentOS/RHEL and Fedora

  Language:M4195