Dorothy2
A malware/botnet analysis framework with a focus on network analysis and process comparison.
Krakatau provides an assembler and disassembler for Java bytecode, allowing conversion of binary classfiles to human-readable text format, creation of classfiles from scratch by writing bytecode manually, examination and comparison of low-level details of Java binaries, and decompilation of Java binaries to readable source code. It can handle highly obfuscated code and supports some undocumented features found in old versions of the JVM. However, it does not support some Java 8+ features such as lambdas.
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
Dynamic binary analysis library with various analysis and emulation capabilities.
A multithreaded YARA scanner for incident response or malware zoos.
A YARA mode for GNU Emacs for editing YARA-related files.
UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.