add python_mmdt

ddvv 2021-02-01 17:04:01 +08:00
parent 8421117304
commit 6d6e44b320
2 changed files with 40 additions and 36 deletions

@ -6,29 +6,30 @@ A curated list of awesome malware analysis tools and resources. Inspired by
[![Drop ICE](drop.png)](https://twitter.com/githubbers/status/1182017616740663296) [![Drop ICE](drop.png)](https://twitter.com/githubbers/status/1182017616740663296)
- [Malware Collection](#malware-collection) - [Awesome Malware Analysis ![Awesome](https://github.com/sindresorhus/awesome)](#awesome-malware-analysis-)
- [Malware Collection](#malware-collection)
- [Anonymizers](#anonymizers) - [Anonymizers](#anonymizers)
- [Honeypots](#honeypots) - [Honeypots](#honeypots)
- [Malware Corpora](#malware-corpora) - [Malware Corpora](#malware-corpora)
- [Open Source Threat Intelligence](#open-source-threat-intelligence) - [Open Source Threat Intelligence](#open-source-threat-intelligence)
- [Tools](#tools) - [Tools](#tools)
- [Other Resources](#other-resources) - [Other Resources](#other-resources)
- [Detection and Classification](#detection-and-classification) - [Detection and Classification](#detection-and-classification)
- [Online Scanners and Sandboxes](#online-scanners-and-sandboxes) - [Online Scanners and Sandboxes](#online-scanners-and-sandboxes)
- [Domain Analysis](#domain-analysis) - [Domain Analysis](#domain-analysis)
- [Browser Malware](#browser-malware) - [Browser Malware](#browser-malware)
- [Documents and Shellcode](#documents-and-shellcode) - [Documents and Shellcode](#documents-and-shellcode)
- [File Carving](#file-carving) - [File Carving](#file-carving)
- [Deobfuscation](#deobfuscation) - [Deobfuscation](#deobfuscation)
- [Debugging and Reverse Engineering](#debugging-and-reverse-engineering) - [Debugging and Reverse Engineering](#debugging-and-reverse-engineering)
- [Network](#network) - [Network](#network)
- [Memory Forensics](#memory-forensics) - [Memory Forensics](#memory-forensics)
- [Windows Artifacts](#windows-artifacts) - [Windows Artifacts](#windows-artifacts)
- [Storage and Workflow](#storage-and-workflow) - [Storage and Workflow](#storage-and-workflow)
- [Miscellaneous](#miscellaneous) - [Miscellaneous](#miscellaneous)
- [Resources](#resources) - [Resources](#resources)
- [Books](#books) - [Books](#books)
- [Other](#other) - [Other](#other)
- [Related Awesome Lists](#related-awesome-lists) - [Related Awesome Lists](#related-awesome-lists)
- [Contributing](#contributing) - [Contributing](#contributing)
- [Thanks](#thanks) - [Thanks](#thanks)
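Review bot: The table-of-contents rewrite in this hunk is outside what the commit subject "add python_mmdt" describes, and the new first entry `- [Awesome Malware Analysis ![Awesome](https://github.com/sindresorhus/awesome)](#awesome-malware-analysis-)` looks like TOC-generator output that picked up the page title along with its badge. It uses a repository URL as an image source and nests the existing top-level sections under a title entry. The stat line reports 40 additions and 36 deletions across two files for what should be one added list item per file. Suggest dropping the TOC changes from this commit, or at minimum removing the title entry, so the diff carries only the new tool.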
@ -265,6 +266,7 @@ executables.
* [PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE * [PEV](http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE
files, providing feature-rich tools for proper analysis of suspicious binaries. files, providing feature-rich tools for proper analysis of suspicious binaries.
* [PortEx](https://github.com/katjahahn/PortEx) - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness. * [PortEx](https://github.com/katjahahn/PortEx) - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.
* [python_mmdt](https://github.com/a232319779/python_mmdt) - Malicious code detection tool based on local sensitive hashing and machine learning.
* [Quark-Engine](https://github.com/quark-engine/quark-engine) - An Obfuscation-Neglect Android Malware Scoring System * [Quark-Engine](https://github.com/quark-engine/quark-engine) - An Obfuscation-Neglect Android Malware Scoring System
* [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits. * [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits.
* [ssdeep](https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes. * [ssdeep](https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes.
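Review bot: In the added python_mmdt line, "local sensitive hashing" should read "locality-sensitive hashing", the established name of the technique and the meaning of 局部敏感哈希 in the Chinese entry added by the same commit. Suggested wording: `Malicious code detection tool based on locality-sensitive hashing and machine learning.` The alphabetical position between PortEx and Quark-Engine is correct.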

@ -3,31 +3,32 @@
这个列表记录着那些令人称赞的恶意软件分析工具和资源。受到 [awesome-python](https://github.com/vinta/awesome-python) 和 [awesome-php](https://github.com/ziadoz/awesome-php) 的启迪。 这个列表记录着那些令人称赞的恶意软件分析工具和资源。受到 [awesome-python](https://github.com/vinta/awesome-python) 和 [awesome-php](https://github.com/ziadoz/awesome-php) 的启迪。
- [恶意软件集合](#恶意软件集合) - [恶意软件分析大合集 ![Awesome](https://github.com/sindresorhus/awesome)](#恶意软件分析大合集-)
- [恶意软件集合](#恶意软件集合)
- [匿名代理](#匿名代理) - [匿名代理](#匿名代理)
- [蜜罐](#蜜罐) - [蜜罐](#蜜罐)
- [恶意软件样本库](#恶意软件样本库) - [恶意软件样本库](#恶意软件样本库)
- [开源威胁情报](#开源威胁情报) - [开源威胁情报](#开源威胁情报)
- [工具](#工具) - [工具](#工具)
- [其他资源](#其他资源) - [其他资源](#其他资源)
- [检测与分类](#检测与分类) - [检测与分类](#检测与分类)
- [在线扫描与沙盒](#在线扫描与沙盒) - [在线扫描与沙盒](#在线扫描与沙盒)
- [域名分析](#域名分析) - [域名分析](#域名分析)
- [浏览器恶意软件](#浏览器恶意软件) - [浏览器恶意软件](#浏览器恶意软件)
- [文档和 Shellcode](#文档和-Shellcode) - [文档和 Shellcode](#文档和-shellcode)
- [文件提取](#文件提取) - [文件提取](#文件提取)
- [去混淆](#去混淆) - [去混淆](#去混淆)
- [调试与逆向工程](#调试与逆向工程) - [调试和逆向工程](#调试和逆向工程)
- [网络](#网络) - [网络](#网络)
- [内存取证](#内存取证) - [内存取证](#内存取证)
- [Windows 神器](#Windows-神器) - [Windows 神器](#windows-神器)
- [存储和工作流](#存储和工作流) - [存储和工作流](#存储和工作流)
- [杂项](#杂项) - [杂项](#杂项)
- [资源](#资源) - [资源](#资源)
- [书籍](#书籍) - [书籍](#书籍)
- [其它](#其它) - [其它](#其它)
- [相关 Awesome 清单](#相关-Awesome-清单) - [相关 Awesome 清单](#相关-awesome-清单)
- [贡献](#做出贡献) - [做出贡献](#做出贡献)
- [致谢](#致谢) - [致谢](#致谢)
--- ---
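Review bot: The entry changed from `[调试与逆向工程](#调试与逆向工程)` to `[调试和逆向工程](#调试和逆向工程)` alters the anchor text itself, not just its case, and the hunk does not show the heading it points to; confirm the section heading actually reads 调试和逆向工程, otherwise this link breaks. The lowercased anchors (`#文档和-shellcode`, `#windows-神器`, `#相关-awesome-清单`) match how GitHub generates heading anchors and are worth keeping, and the label change from 贡献 to 做出贡献 leaves its anchor untouched. All of these, together with the new title entry carrying the embedded `![Awesome](...)` image, are unrelated to adding python_mmdt and should go in a separate commit or be named in the commit message.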
@ -177,6 +178,7 @@
* [PEframe](https://github.com/guelfoweb/peframe) - PEframe 可以对 PE 文件与 Office 文档文件进行静态分析 * [PEframe](https://github.com/guelfoweb/peframe) - PEframe 可以对 PE 文件与 Office 文档文件进行静态分析
* [PEV](http://pev.sourceforge.net/) - 为正确分析可疑的二进制文件提供功能丰富工具的 PE 文件多平台分析工具集 * [PEV](http://pev.sourceforge.net/) - 为正确分析可疑的二进制文件提供功能丰富工具的 PE 文件多平台分析工具集
* [PortEx](https://github.com/katjahahn/PortEx) - 聚焦于与 PE 文件相关恶意软件分析的 Java 库 * [PortEx](https://github.com/katjahahn/PortEx) - 聚焦于与 PE 文件相关恶意软件分析的 Java 库
* [python_mmdt](https://github.com/a232319779/python_mmdt) - 基于局部敏感哈希与机器学习的恶意代码检测工具
* [Quark-Engine](https://github.com/quark-engine/quark-engine) - 能够对抗混淆的 Android 恶意软件评估系统 * [Quark-Engine](https://github.com/quark-engine/quark-engine) - 能够对抗混淆的 Android 恶意软件评估系统
* [Rootkit Hunter](http://rkhunter.sourceforge.net/) - 检测 Linux 的 rootkits * [Rootkit Hunter](http://rkhunter.sourceforge.net/) - 检测 Linux 的 rootkits
* [ssdeep](https://ssdeep-project.github.io/ssdeep/) - 计算模糊哈希值 * [ssdeep](https://ssdeep-project.github.io/ssdeep/) - 计算模糊哈希值