Find multi-byte-encoded strings in binary data (Gitlab mirror).
A machine learning tool that ranks strings based on their relevance for malware analysis.
Stuxnet binaries extracted by reverse engineering, plus a Stuxnet rootkit analysis
A massive, curated collection of information security books, study guides, cheat sheets, and resources. This library is intended for educati…
Single-file PHP webshell scanner that detects potentially malicious backdoors based on tokens and hashes, with a web interface
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
SVG analysis and generation tools for commonly seen SVG-attachment phishing
select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, righ…
TCP/IP packet demultiplexer. Download from:
Tenzir is the data pipeline engine for security teams.
A high-risk archive of historical malware, exploit kits, crypters, and webshells for educational and cybersecurity research purposes. None o…
thehive4py: the de facto Python API client of TheHive …
ThePhish: an automated phishing email analysis tool
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open an…
A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale.
Awesome list of keywords and artifacts for Threat Hunting sessions
yara detection rules for hunting with the threathunting-keywords project
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
Collaborative forensic timeline analysis
A Pin tool for tracing API calls, etc.
The essential toolkit for reversing, malware analysis, and cracking
Decentralised P2P botnet using toxcore.
Digital forensic analysis tool that provides a user-friendly interface for investigating disk images.
Deep Linux runtime visibility meets Wireshark