mirror of
https://github.com/rshipp/awesome-malware-analysis.git
synced 2024-12-18 10:26:07 +00:00
commit
4d91897583
@ -212,6 +212,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
|
||||
* [ClamAV](http://www.clamav.net/) - Open source antivirus engine.
|
||||
* [Detect-It-Easy](https://github.com/horsicq/Detect-It-Easy) - A program for
|
||||
determining types of files.
|
||||
* [Exeinfo PE](http://exeinfo.pe.hu/) - Packer, compressor detector, unpack
|
||||
info, internal exe tools.
|
||||
* [ExifTool](https://sno.phy.queensu.ca/~phil/exiftool/) - Read, write and
|
||||
edit file metadata.
|
||||
* [File Scanning Framework](https://github.com/EmersonElectricCo/fsf) -
|
||||
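Review bot: The Exeinfo PE entry links to `http://exeinfo.pe.hu/` over plain HTTP, and it is a tool readers will download; switch the link to https if the host serves it. Its description, "Packer, compressor detector, unpack info, internal exe tools.", also reads as a keyword list next to the phrase-style descriptions of Detect-It-Easy and ExifTool, so consider rewording it as a single phrase.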
@ -233,6 +235,8 @@ executables.
|
||||
up hashes in NIST's National Software Reference Library database.
|
||||
* [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform
|
||||
Python alternative to PEiD.
|
||||
* [PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
|
||||
files.
|
||||
* [PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
|
||||
files, providing feature-rich tools for proper analysis of suspicious binaries.
|
||||
* [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits.
|
||||
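Review bot: "Reversing tool for PE files." on the PE-bear entry does not tell a reader how it differs from packerid above or PEV below, both of which say what they do; add a few words on what PE-bear offers. The link also points to a blog page rather than a project or release page, so consider linking the canonical source or download location if one exists.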
@ -382,6 +386,8 @@ executables.
|
||||
* [Malzilla](http://malzilla.sourceforge.net/) - Analyze malicious web pages.
|
||||
* [RABCDAsm](https://github.com/CyberShadow/RABCDAsm) - A "Robust
|
||||
ActionScript Bytecode Disassembler."
|
||||
* [SWF Investigator](https://labs.adobe.com/technologies/swfinvestigator/) -
|
||||
Static and dynamic analysis of SWF applications.
|
||||
* [swftools](http://www.swftools.org/) - Tools for working with Adobe Flash
|
||||
files.
|
||||
* [xxxswf](http://hooked-on-mnemonics.blogspot.com/2011/12/xxxswfpy.html) - A
|
||||
@ -501,6 +507,8 @@ the [browser malware](#browser-malware) section.*
|
||||
- A binary analysis platform based on QEMU. DroidScope is now an extension to DECAF.
|
||||
* [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler
|
||||
and debugger.
|
||||
* [dotPeek](https://www.jetbrains.com/decompiler/) - Free .NET Decompiler and
|
||||
Assembly Browser.
|
||||
* [Evan's Debugger (EDB)](http://codef00.com/projects#debugger) - A
|
||||
modular debugger with a Qt GUI.
|
||||
* [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration
|
||||
|
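Review bot: The dotPeek description "Free .NET Decompiler and Assembly Browser." is title-cased, while the neighbouring dnSpy entry uses sentence case (".NET assembly editor, decompiler and debugger."); lower-case it to match, e.g. "Free .NET decompiler and assembly browser."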