mirror of
https://github.com/rshipp/awesome-malware-analysis.git
synced 2024-12-18 10:26:07 +00:00
Clean up whitespace and redirects
This commit is contained in:
parent
e4046baa69
commit
fe57646480
38
README.md
38
README.md
@ -137,7 +137,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
|
||||
|
||||
*Threat intelligence and IOC resources.*
|
||||
|
||||
* [Autoshun](http://autoshun.org/) ([list](http://autoshun.org/files/shunlist.csv)) -
|
||||
* [Autoshun](https://autoshun.org/) ([list](https://autoshun.org/files/shunlist.csv)) -
|
||||
Snort plugin and blocklist.
|
||||
* [CI Army](http://cinsscore.com/) ([list](http://cinsscore.com/list/ci-badguys.txt)) -
|
||||
Network security blocklists.
|
||||
@ -229,7 +229,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
|
||||
legal concerns by the author.
|
||||
* [DeepViz](https://www.deepviz.com/) - Multi-format file analyzer with
|
||||
machine-learning classification.
|
||||
* [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis
|
||||
* [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis
|
||||
of Linux malwares and capturing IOCs.
|
||||
* [Document Analyzer](https://www.document-analyzer.net/) - Free dynamic analysis of DOC and PDF files.
|
||||
* [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis
|
||||
@ -239,7 +239,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
|
||||
analysis tool, powered by VxSandbox.
|
||||
* [IRMA](http://irma.quarkslab.com/) - An asynchronous and customizable
|
||||
analysis platform for suspicious files.
|
||||
* [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox.
|
||||
* [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox.
|
||||
* [Jotti](https://virusscan.jotti.org/en) - Free online multi-AV scanner.
|
||||
* [Malheur](https://github.com/rieck/malheur) - Automatic sandboxed analysis
|
||||
of malware behavior.
|
||||
@ -249,8 +249,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
|
||||
analysis of malware.
|
||||
* [Metadefender.com](https://www.metadefender.com) - Scan a file, hash or IP
|
||||
address for malware (free)
|
||||
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
|
||||
pcap files and facilitates the quick detection of viruses, worms, trojans, and all
|
||||
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
|
||||
pcap files and facilitates the quick detection of viruses, worms, trojans, and all
|
||||
kinds of malware using Suricata configured with EmergingThreats Pro.
|
||||
* [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to
|
||||
collect information about malware in a sandboxed environment.
|
||||
@ -355,8 +355,8 @@ the [browser malware](#browser-malware) section.*
|
||||
the backend-free version of PDF X-RAY.
|
||||
* [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool) - Python
|
||||
tool for exploring possibly malicious PDFs.
|
||||
* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
|
||||
to analyze suspected malware documents to identify exploits in streams of different
|
||||
* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
|
||||
to analyze suspected malware documents to identify exploits in streams of different
|
||||
encodings and to locate and extract embedded executables.
|
||||
* [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) -
|
||||
Mozilla's JavaScript engine, for debugging malicious JS.
|
||||
@ -388,14 +388,14 @@ the [browser malware](#browser-malware) section.*
|
||||
& [iheartxor](http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) -
|
||||
Two tools from Alexander Hanel for working with single-byte XOR encoded
|
||||
files.
|
||||
* [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated
|
||||
String Solver uses advanced static analysis techniques to automatically
|
||||
* [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated
|
||||
String Solver uses advanced static analysis techniques to automatically
|
||||
deobfuscate strings from malware binaries.
|
||||
* [NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) - Guess a 256 byte
|
||||
XOR key using frequency analysis.
|
||||
* [PackerAttacker](https://github.com/BromiumLabs/PackerAttacker) - A generic
|
||||
hidden code extractor for Windows malware.
|
||||
* [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
|
||||
* [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
|
||||
unpacker for Windows malware based on WinAppDbg.
|
||||
* [unxor](https://github.com/tomchop/unxor/) - Guess XOR keys using
|
||||
known-plaintext attacks.
|
||||
@ -414,7 +414,7 @@ the [browser malware](#browser-malware) section.*
|
||||
|
||||
* [angr](https://github.com/angr/angr) - Platform-agnostic binary analysis
|
||||
framework developed at UCSB's Seclab.
|
||||
* [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts
|
||||
* [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts
|
||||
information from bots and other malware.
|
||||
* [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open
|
||||
source Binary Analysis and Reverse engineering Framework.
|
||||
@ -463,7 +463,7 @@ the [browser malware](#browser-malware) section.*
|
||||
analysis.
|
||||
* [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with
|
||||
debugger support.
|
||||
* [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect
|
||||
* [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect
|
||||
and decompile complex code-reuse attacks.
|
||||
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
|
||||
plugin for Sublime 3 to aid with malware analyis.
|
||||
@ -541,8 +541,8 @@ the [browser malware](#browser-malware) section.*
|
||||
memory forensics framework.
|
||||
* [VolUtility](https://github.com/kevthehermit/VolUtility) - Web Interface for
|
||||
Volatility Memory Analysis framework.
|
||||
* [WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365) - Live
|
||||
memory inspection and kernel debugging for Windows systems.
|
||||
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit) -
|
||||
Live memory inspection and kernel debugging for Windows systems.
|
||||
|
||||
## Windows Artifacts
|
||||
|
||||
@ -564,20 +564,20 @@ the [browser malware](#browser-malware) section.*
|
||||
malware and threat repository.
|
||||
* [Malwarehouse](https://github.com/sroberts/malwarehouse) - Store, tag, and
|
||||
search malware.
|
||||
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
|
||||
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
|
||||
platform designed to help analysts to reverse malwares collaboratively.
|
||||
* [Viper](http://viper.li/) - A binary management and analysis framework for
|
||||
analysts and researchers.
|
||||
|
||||
## Miscellaneous
|
||||
|
||||
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
|
||||
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
|
||||
with good intentions that aimes to stress anti-malware systems.
|
||||
* [Binarly](http://binar.ly/) - Search engine for bytes in a large corpus
|
||||
of malware.
|
||||
* [Binarly](http://www.binar.ly/search) - Search engine for bytes in a large
|
||||
corpus of malware.
|
||||
* [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) -
|
||||
The Defense Cyber Crime Center's Malware Configuration Parser framework.
|
||||
* [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database
|
||||
* [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database
|
||||
containing exploits used by malware.
|
||||
* [Pafish](https://github.com/a0rtega/pafish) - Paranoid Fish, a demonstration
|
||||
tool that employs several techniques to detect sandboxes and analysis
|
||||
|
Loading…
Reference in New Issue
Block a user