Merge pull request #151 from adepasquale/master

Add misc tools
Ryan Shipp 2018-06-09 12:59:07 -05:00 committed by GitHub
commit 4d91897583
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -212,6 +212,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
* [ClamAV](http://www.clamav.net/) - Open source antivirus engine. * [ClamAV](http://www.clamav.net/) - Open source antivirus engine.
* [Detect-It-Easy](https://github.com/horsicq/Detect-It-Easy) - A program for * [Detect-It-Easy](https://github.com/horsicq/Detect-It-Easy) - A program for
determining types of files. determining types of files.
* [Exeinfo PE](http://exeinfo.pe.hu/) - Packer, compressor detector, unpack
info, internal exe tools.
* [ExifTool](https://sno.phy.queensu.ca/~phil/exiftool/) - Read, write and * [ExifTool](https://sno.phy.queensu.ca/~phil/exiftool/) - Read, write and
edit file metadata. edit file metadata.
* [File Scanning Framework](https://github.com/EmersonElectricCo/fsf) - * [File Scanning Framework](https://github.com/EmersonElectricCo/fsf) -
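Review bot: The new Exeinfo PE entry links its download site over plain `http://`, so an analyst following the link fetches an executable analysis tool with no transport integrity; if the site serves HTTPS, link that instead. The description "Packer, compressor detector, unpack info, internal exe tools." also reads as a keyword list rather than a sentence like the neighbouring entries, so something like "Detects packers and compressors in PE files and gives unpacking hints." would fit the list better.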
@ -233,6 +235,8 @@ executables.
up hashes in NIST's National Software Reference Library database. up hashes in NIST's National Software Reference Library database.
* [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform * [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform
Python alternative to PEiD. Python alternative to PEiD.
* [PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
files.
* [PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE * [PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
files, providing feature-rich tools for proper analysis of suspicious binaries. files, providing feature-rich tools for proper analysis of suspicious binaries.
* [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits. * [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits.
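Review bot: The PE-bear description "Reversing tool for PE files." is too generic to tell a reader how it differs from the PEV entry directly below it, which already covers "a multiplatform toolkit to work with PE files". Say what kind of tool it is (GUI or command line, viewer or editor) so the two entries are distinguishable at a glance.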
@ -382,6 +386,8 @@ executables.
* [Malzilla](http://malzilla.sourceforge.net/) - Analyze malicious web pages. * [Malzilla](http://malzilla.sourceforge.net/) - Analyze malicious web pages.
* [RABCDAsm](https://github.com/CyberShadow/RABCDAsm) - A "Robust * [RABCDAsm](https://github.com/CyberShadow/RABCDAsm) - A "Robust
ActionScript Bytecode Disassembler." ActionScript Bytecode Disassembler."
* [SWF Investigator](https://labs.adobe.com/technologies/swfinvestigator/) -
Static and dynamic analysis of SWF applications.
* [swftools](http://www.swftools.org/) - Tools for working with Adobe Flash * [swftools](http://www.swftools.org/) - Tools for working with Adobe Flash
files. files.
* [xxxswf](http://hooked-on-mnemonics.blogspot.com/2011/12/xxxswfpy.html) - A * [xxxswf](http://hooked-on-mnemonics.blogspot.com/2011/12/xxxswfpy.html) - A
@ -501,6 +507,8 @@ the [browser malware](#browser-malware) section.*
- A binary analysis platform based   on QEMU. DroidScope is now an extension to DECAF. - A binary analysis platform based   on QEMU. DroidScope is now an extension to DECAF.
* [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler * [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler
and debugger. and debugger.
* [dotPeek](https://www.jetbrains.com/decompiler/) - Free .NET Decompiler and
Assembly Browser.
* [Evan's Debugger (EDB)](http://codef00.com/projects#debugger) - A * [Evan's Debugger (EDB)](http://codef00.com/projects#debugger) - A
modular debugger with a Qt GUI. modular debugger with a Qt GUI.
* [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration * [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration
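Review bot: The dotPeek description "Free .NET Decompiler and Assembly Browser." uses title case and a pricing word, which reads as vendor copy next to the sentence-case dnSpy entry above it (".NET assembly editor, decompiler and debugger."). Suggest ".NET decompiler and assembly browser." to match the list's style; if the licence matters to readers, state it consistently for the other entries too.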