Clean up whitespace and redirects

rshipp 2016-06-30 20:05:30 -06:00
parent e4046baa69
commit fe57646480
No known key found for this signature in database
GPG Key ID: 1F4037ED24A4D1F0

@ -137,7 +137,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
*Threat intelligence and IOC resources.* *Threat intelligence and IOC resources.*
* [Autoshun](http://autoshun.org/) ([list](http://autoshun.org/files/shunlist.csv)) - * [Autoshun](https://autoshun.org/) ([list](https://autoshun.org/files/shunlist.csv)) -
Snort plugin and blocklist. Snort plugin and blocklist.
* [CI Army](http://cinsscore.com/) ([list](http://cinsscore.com/list/ci-badguys.txt)) - * [CI Army](http://cinsscore.com/) ([list](http://cinsscore.com/list/ci-badguys.txt)) -
Network security blocklists. Network security blocklists.
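Review bot: The CI Army entry directly below the updated Autoshun line still uses http:// for both the site and the ci-badguys.txt list, so this hunk leaves the two blocklist sources inconsistent. If cinsscore.com serves the same content over HTTPS, switch both of its links in this commit as well. A blocklist fetched over plain HTTP can be altered in transit before it reaches a Snort or firewall rule set. If the host does not offer HTTPS, a short remark in the commit message would explain why it was skipped.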
@ -229,7 +229,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
legal concerns by the author. legal concerns by the author.
* [DeepViz](https://www.deepviz.com/) - Multi-format file analyzer with * [DeepViz](https://www.deepviz.com/) - Multi-format file analyzer with
machine-learning classification. machine-learning classification.
* [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis * [detux](https://github.com/detuxsandbox/detux/) - A sandbox developed to do traffic analysis
of Linux malwares and capturing IOCs. of Linux malwares and capturing IOCs.
* [Document Analyzer](https://www.document-analyzer.net/) - Free dynamic analysis of DOC and PDF files. * [Document Analyzer](https://www.document-analyzer.net/) - Free dynamic analysis of DOC and PDF files.
* [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis * [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis
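Review bot: In the detux entry, "Linux malwares" should read "Linux malware", and the first line of that entry runs well past the wrap width the neighbouring entries keep. Since this is a cleanup pass over the same lines, rewrap the entry and fix the plural here rather than leaving it for a follow-up.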
@ -239,7 +239,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
analysis tool, powered by VxSandbox. analysis tool, powered by VxSandbox.
* [IRMA](http://irma.quarkslab.com/) - An asynchronous and customizable * [IRMA](http://irma.quarkslab.com/) - An asynchronous and customizable
analysis platform for suspicious files. analysis platform for suspicious files.
* [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox. * [Joe Sandbox](https://www.joesecurity.org) - Deep malware analysis with Joe Sandbox.
* [Jotti](https://virusscan.jotti.org/en) - Free online multi-AV scanner. * [Jotti](https://virusscan.jotti.org/en) - Free online multi-AV scanner.
* [Malheur](https://github.com/rieck/malheur) - Automatic sandboxed analysis * [Malheur](https://github.com/rieck/malheur) - Automatic sandboxed analysis
of malware behavior. of malware behavior.
@ -249,8 +249,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
analysis of malware. analysis of malware.
* [Metadefender.com](https://www.metadefender.com) - Scan a file, hash or IP * [Metadefender.com](https://www.metadefender.com) - Scan a file, hash or IP
address for malware (free) address for malware (free)
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes * [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
pcap files and facilitates the quick detection of viruses, worms, trojans, and all pcap files and facilitates the quick detection of viruses, worms, trojans, and all
kinds of malware using Suricata configured with EmergingThreats Pro. kinds of malware using Suricata configured with EmergingThreats Pro.
* [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to * [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to
collect information about malware in a sandboxed environment. collect information about malware in a sandboxed environment.
@ -355,8 +355,8 @@ the [browser malware](#browser-malware) section.*
the backend-free version of PDF X-RAY. the backend-free version of PDF X-RAY.
* [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool) - Python * [peepdf](http://eternal-todo.com/tools/peepdf-pdf-analysis-tool) - Python
tool for exploring possibly malicious PDFs. tool for exploring possibly malicious PDFs.
* [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework * [QuickSand](https://www.quicksand.io/) - QuickSand is a compact C framework
to analyze suspected malware documents to identify exploits in streams of different to analyze suspected malware documents to identify exploits in streams of different
encodings and to locate and extract embedded executables. encodings and to locate and extract embedded executables.
* [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) - * [Spidermonkey](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey) -
Mozilla's JavaScript engine, for debugging malicious JS. Mozilla's JavaScript engine, for debugging malicious JS.
@ -388,14 +388,14 @@ the [browser malware](#browser-malware) section.*
& [iheartxor](http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) - & [iheartxor](http://hooked-on-mnemonics.blogspot.com/p/iheartxor.html) -
Two tools from Alexander Hanel for working with single-byte XOR encoded Two tools from Alexander Hanel for working with single-byte XOR encoded
files. files.
* [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated * [FLOSS](https://github.com/fireeye/flare-floss) - The FireEye Labs Obfuscated
String Solver uses advanced static analysis techniques to automatically String Solver uses advanced static analysis techniques to automatically
deobfuscate strings from malware binaries. deobfuscate strings from malware binaries.
* [NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) - Guess a 256 byte * [NoMoreXOR](https://github.com/hiddenillusion/NoMoreXOR) - Guess a 256 byte
XOR key using frequency analysis. XOR key using frequency analysis.
* [PackerAttacker](https://github.com/BromiumLabs/PackerAttacker) - A generic * [PackerAttacker](https://github.com/BromiumLabs/PackerAttacker) - A generic
hidden code extractor for Windows malware. hidden code extractor for Windows malware.
* [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware * [unpacker](https://github.com/malwaremusings/unpacker/) - Automated malware
unpacker for Windows malware based on WinAppDbg. unpacker for Windows malware based on WinAppDbg.
* [unxor](https://github.com/tomchop/unxor/) - Guess XOR keys using * [unxor](https://github.com/tomchop/unxor/) - Guess XOR keys using
known-plaintext attacks. known-plaintext attacks.
@ -414,7 +414,7 @@ the [browser malware](#browser-malware) section.*
* [angr](https://github.com/angr/angr) - Platform-agnostic binary analysis * [angr](https://github.com/angr/angr) - Platform-agnostic binary analysis
framework developed at UCSB's Seclab. framework developed at UCSB's Seclab.
* [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts * [bamfdetect](https://github.com/bwall/bamfdetect) - Identifies and extracts
information from bots and other malware. information from bots and other malware.
* [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open * [BARF](https://github.com/programa-stic/barf-project) - Multiplatform, open
source Binary Analysis and Reverse engineering Framework. source Binary Analysis and Reverse engineering Framework.
@ -463,7 +463,7 @@ the [browser malware](#browser-malware) section.*
analysis. analysis.
* [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with * [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with
debugger support. debugger support.
* [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect * [ROPMEMU](https://github.com/vrtadmin/ROPMEMU) - A framework to analyze, dissect
and decompile complex code-reuse attacks. and decompile complex code-reuse attacks.
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a * [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis. plugin for Sublime 3 to aid with malware analyis.
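Review bot: The SMRT entry at the end of this hunk still reads "malware analyis"; correct it to "analysis" while these lines are being tidied. The Radare2 link above it also remains on http://www.radare.org/r/, so check whether it redirects to HTTPS in the same way the links updated elsewhere in this commit did.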
@ -541,8 +541,8 @@ the [browser malware](#browser-malware) section.*
memory forensics framework. memory forensics framework.
* [VolUtility](https://github.com/kevthehermit/VolUtility) - Web Interface for * [VolUtility](https://github.com/kevthehermit/VolUtility) - Web Interface for
Volatility Memory Analysis framework. Volatility Memory Analysis framework.
* [WinDbg](https://msdn.microsoft.com/en-us/windows/hardware/hh852365) - Live * [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit) -
memory inspection and kernel debugging for Windows systems. Live memory inspection and kernel debugging for Windows systems.
## Windows Artifacts ## Windows Artifacts
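Review bot: The new WinDbg target ends in /windows/hardware/windows-driver-kit, which by its path is the Windows Driver Kit page rather than a WinDbg-specific one, so the link text and the destination no longer match. Either point the entry at a page dedicated to the debugging tools, or keep this URL and say in the description that WinDbg is obtained through the WDK. The rewrapped description is otherwise fine.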
@ -564,20 +564,20 @@ the [browser malware](#browser-malware) section.*
malware and threat repository. malware and threat repository.
* [Malwarehouse](https://github.com/sroberts/malwarehouse) - Store, tag, and * [Malwarehouse](https://github.com/sroberts/malwarehouse) - Store, tag, and
search malware. search malware.
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis * [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
platform designed to help analysts to reverse malwares collaboratively. platform designed to help analysts to reverse malwares collaboratively.
* [Viper](http://viper.li/) - A binary management and analysis framework for * [Viper](http://viper.li/) - A binary management and analysis framework for
analysts and researchers. analysts and researchers.
## Miscellaneous ## Miscellaneous
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware * [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
with good intentions that aimes to stress anti-malware systems. with good intentions that aimes to stress anti-malware systems.
* [Binarly](http://binar.ly/) - Search engine for bytes in a large corpus * [Binarly](http://www.binar.ly/search) - Search engine for bytes in a large
of malware. corpus of malware.
* [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) - * [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) -
The Defense Cyber Crime Center's Malware Configuration Parser framework. The Defense Cyber Crime Center's Malware Configuration Parser framework.
* [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database * [MalSploitBase](https://github.com/misterch0c/malSploitBase) - A database
containing exploits used by malware. containing exploits used by malware.
* [Pafish](https://github.com/a0rtega/pafish) - Paranoid Fish, a demonstration * [Pafish](https://github.com/a0rtega/pafish) - Paranoid Fish, a demonstration
tool that employs several techniques to detect sandboxes and analysis tool that employs several techniques to detect sandboxes and analysis
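Review bot: The Binarly link changes from the site root to http://www.binar.ly/search, which is still plain HTTP and now deep-links to a path that is more likely to move than the root. If the redirect being followed ends at an HTTPS URL, record that one. Otherwise prefer the root URL so the entry survives a site reorganisation. In the same hunk, "aimes" in the al-khaser entry should be "aims", and "reverse malwares" in the Polichombr entry should be "reverse malware".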