Malheur
Automatic analysis of malware behavior using machine learning.
PLASMA is an interactive disassembler that generates more readable assembly (pseudo code) with colored syntax. It supports architectures such as x86{64}, ARM and MIPS{64} (ARM and MIPS only partially) and formats such as ELF, PE and RAW. The project is still in active development and provides a Python API for scripting. Note that until structures and type definitions are implemented, database compatibility could be broken. Requirements include Python >= 3.4, capstone, python-pyelftools, pefile, python3-future, python-msgpack, c++filt, and a terminal supporting UTF8 and 256 colors. Optional components include python-qt4 for the memory map and keystone for the script asm.py. Installation can be done using the provided script.
Ropper is a tool for analyzing binary files and searching for gadgets to build rop chains for different architectures.
A minimal library to generate YARA rules from Java with Maven support.
A powerful tool for detecting and identifying malware using a rule-based system.
Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.
IDA Pro plugin for finding crypto constants.