QuickSand

Free

QuickSand is a compact C framework for analyzing suspected malware documents. It identifies exploits in streams of different encodings and extracts embedded executables, and it supports file formats such as doc, docx, ppt, pptx, xls, xlsx, and PDF. It can detect documents containing zero-day or unknown obfuscated exploits. Features include XOR bitwise and math ciphers; executable extraction for Windows, Mac, Linux, and VBA; exploit search; Yara signatures; and more.

ALTERNATIVES

A GitHub repository for fuzzing and testing file formats.

A web-based manager for Yara rules, allowing for storage, editing, and management of Yara rules.

A tool for injecting and loading executables with a focus on stealth techniques.

Boomerang Decompiler is a machine code decompiler supporting various architectures and file formats, with a focus on high-level language output.

A tool for reverse engineering Android APK files.

UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.

FSF is a modular, recursive file scanning solution that enables analysts to extend the utility of Yara signatures and define actionable intelligence within a file.

Ropper is a tool for analyzing binary files and searching for gadgets to build ROP chains for different architectures.