Search Results for "malware"
Sort By:
Showing 15 open source projects for "malware"
View related business solutions-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
Portable Executable Parser
lightweight Go package to parse, analyze and extract metadata
Saferwall PE is a lightweight Go package for parsing, analyzing, and extracting metadata from Portable Executable (PE) binaries. Designed with malware analysis in mind, it is robust against malformed PE files and provides detailed insights into executable structures. -
2
hollows_hunter
Recognizes and dumps a variety of potentially malicious implants
Hollows Hunter is a command-line malware analysis tool based on the PE-sieve passive memory scanner. It scans running processes, or even the full system, to identify potentially malicious implants. The tool can recognize and dump suspicious artifacts such as replaced PEs, injected PEs, shellcode, hooks, and in-memory patches. Unlike PE-sieve’s more process-specific workflow, Hollows Hunter can select targets using broader criteria such as process IDs, process names, or creation time. ... -
3
Capstone
Capstone disassembly/disassembler framework
Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community. Created by Nguyen Anh Quynh, then developed and maintained by a small community, Capstone offers some unparalleled features. Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K, Mips, MOS65XX, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64). Having clean/simple/lightweight/intuitive... -
4
LIEF
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
LIEF (Library to Instrument Executable Formats) is a cross-platform library that enables parsing, modifying, and abstracting executable formats such as ELF, PE, and Mach-O. It's widely used in reverse engineering and binary analysis. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). -
6
Volatility
An advanced memory forensics framework
Volatility is a widely used open-source framework for analyzing memory captures (RAM dumps) from Windows, Linux, and macOS systems. It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows. -
7
url-checker-php-sdk
Official PHP SDK for the EmailVeritas URL Checker API
The EmailVeritas URL Checker PHP SDK provides real-time phishing and malicious link detection through the official EmailVeritas API. It enables developers to classify and analyze URLs directly from PHP applications using simple methods for URL Lookup and URL Scan. Lightweight and dependency-free, the SDK performs redirect-chain, WHOIS, and HTML metadata analysis. Composer support makes integration seamless with PSR-4 autoloading. Ideal for CRMs, contact forms, and security... -
8
TraceMAC - Traceroute for MAC addresses
TraceMAC is a command-line Layer 2 traceroute for Cisco switches
...Is tested with Cisco switches: Catalyst: 2960,3560,3750,4948,6509,9200,9300,9500 (All protocols) Nexus: C9332C, 93180YC-EX (NX-OS SSH) Express 500 (HTTP) FYI: It uses Nbtscan.exe (NetBIOS) as a alternative method to discover the mac address of a host and now seems that it is considered a malware. Anyway it is just a simple network tool that can scan the network similar to NMAP or Angry IP Scanner, etc... -
9
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
10
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
11
Dr0p1t-Framework
A framework that create an advanced stealthy dropper
Dr0p1t-Framework is a penetration testing tool designed to generate advanced and stealthy droppers capable of delivering and executing payloads on target systems while evading detection mechanisms. A dropper is a type of malware used to download and install additional malicious software, and this framework focuses on making that process more flexible and difficult to detect. It provides a wide range of modules that allow users to customize payload delivery, persistence mechanisms, and execution methods. The framework includes features such as antivirus evasion, privilege escalation, and system persistence, enabling it to maintain access on compromised systems. ... -
12
ESSPEE - Penetration Testing & Forensics
(Android Forensics & Malware Analysis Included)
...Thanks to Back Track, Blackbuntu, CAINE and DEFT and many others for inspiration. Being a sole developer to this distro, I wish it would help Open Source community with a better interface for Vulnerability Analysis, Penetration Testing, Malware analysis, Android and Cyber Forensics. I really enjoyed my work for the last three years. Please let me know about bugs and if possible provide solution also. -
13
Access Road
Simulator of access controls
...Access Road provides a full simulation of MySQL Server. This includes the components, the users, the hosts and the privileges at any level. The focus is on IT weak configurations, executing environments (malware analysis) and people authorizations. Reliability and the ability to explain the results are the main objectives. A 80 pages tutorial is provided. A powerful framework allows new simulations to be added. Access Road simulates and explains, combining complete modeling, visual results and detailed texts. -
14
A hardware supported hypervisor originally built for malware analysis. Features: Linux VM introspection, minimal detectability, small (~150KB), simple, and well documented. Can be used for other purposes. Support for Intel-VT & Windows coming soon.
-
15
Clam AntiVirus Client Library provides a simple API to the ClamAV daemon. ClamAVC does not require ClamAV to be installed. ClamAVC communicates with clamd using clamd's documented protocol using either TCP or a local Unix domain socket.
- Previous
- You're on page 1
- Next
