Maldrolyzer
Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.) Installation: You have to install the following packets before you start using this project: Androguard (git clone https://github.com/androguard/androguard; cd androguard; sudo python setup.py install) PyCrypto (easy_install pycrypto) pyelftools (easy_install pyelftools) yara (easy_install yara) Architecture: The project has couple of directories, which host a place for you static analysis or output processing: plugins - this is were the code responsible for the malware identification and data extraction is. Every class has to inherit from Plugin class from templates. Method recon identifies the malware - put there all of the code you need to make sure you can extract the data. Method extract does the usual extraction. There is no specific format for the extracted data, but it's good to keep it in Python dictionary, so that the ouput processors could read it in a uniform way. processing - this is were you put classes that inherit from OutputProcessor class. They are invoked after the data extraction and get the extracted info. process method takes
FEATURES
ALTERNATIVES
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
A payload creation framework for the retrieval and execution of arbitrary CSharp source code.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.