Mirror of https://github.com/rshipp/awesome-malware-analysis.git, synced 2025-01-05 21:00:54 -05:00
Merge pull request #111 from rshipp/hslatman-patch-1
Add FAME by CERT Société Générale
This commit is contained in: commit 74b051873b
17 README.md
@ -61,7 +61,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
[Dionaea](https://github.com/DinoTools/dionaea) - Honeypot designed to trap malware.
* [Glastopf](https://github.com/mushorg/glastopf) - Web application honeypot.
* [Honeyd](http://www.honeyd.org/) - Create a virtual honeynet.
* [HoneyDrive](http://bruteforce.gr/honeydrive) - Honeypot bundle Linux distro.
* [HoneyDrive](http://bruteforcelab.com/honeydrive) - Honeypot bundle Linux distro.
* [Mnemosyne](https://github.com/johnnykv/mnemosyne) - A normalizer for
honeypot data; supports Dionaea.
* [Thug](https://github.com/buffer/thug) - Low interaction honeyclient, for
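Review bot: the replacement HoneyDrive link stays on plain http while this same PR moves FPort and Triton to https; if bruteforcelab.com serves the page over https, use `https://bruteforcelab.com/honeydrive` here too so the list does not mix schemes for the same kind of fix.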
@ -152,8 +152,6 @@ A curated list of awesome malware analysis tools and resources. Inspired by
Network security blocklists.
* [Critical Stack- Free Intel Market](https://intel.criticalstack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
* [CRDF ThreatCenter](http://threatcenter.crdf.fr/) - List of new threats detected
by CRDF anti-malware.
* [Cybercrime tracker](http://cybercrime-tracker.net/) - Multiple botnet active tracker.
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
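Review bot: the hunk header says this blocklist region shrinks from 8 lines to 6, but neither the PR title ("Add FAME") nor the commit body says which feed entry was dropped or why; the removal should be named in the commit message (dead link, discontinued feed, or duplicate) so anyone reading the history knows why an intel source disappeared from the list.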
@ -463,7 +461,7 @@ the [browser malware](#browser-malware) section.*
modular debugger with a Qt GUI.
* [Fibratus](https://github.com/rabbitstack/fibratus) - Tool for exploration
and tracing of the Windows kernel.
* [FPort](http://www.mcafee.com/us/downloads/free-tools/fport.aspx#) - Reports
* [FPort](https://www.mcafee.com/us/downloads/free-tools/fport.aspx) - Reports
open TCP/IP and UDP ports in a live system and maps them to the owning application.
* [GDB](http://www.sourceware.org/gdb/) - The GNU debugger.
* [GEF](https://github.com/hugsy/gef) - GDB Enhanced Features, for exploiters
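Review bot: dropping the stray `#` fragment and moving the FPort link to https is the right fix; since vendor free-tools pages move often, please confirm that `https://www.mcafee.com/us/downloads/free-tools/fport.aspx` still resolves to the FPort download rather than redirecting to a generic downloads page before this is merged.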
@ -485,7 +483,7 @@ the [browser malware](#browser-malware) section.*
Assistance for GDB, an enhanced display with added commands.
* [pestudio](https://winitor.com/) - Perform static analysis of Windows
executables.
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for
* [plasma](https://github.com/plasma-disassembler/plasma) - Interactive disassembler for
x86/ARM/MIPS.
* [PPEE (puppy)](https://www.mzrst.com/) - A Professional PE file Explorer for
reversers, malware researchers and those who want to statically inspect PE
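Review bot: the plasma entry now points at the `plasma-disassembler` organization instead of `joelpx`; please confirm this is the project's canonical home (GitHub redirects renamed repositories, but an unrelated fork would also be reachable at a new path) and mention the move in the commit message, since the PR title only covers the FAME addition.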
@ -511,7 +509,7 @@ the [browser malware](#browser-malware) section.*
plugin for Sublime 3 to aid with malware analyis.
* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for
Linux executables.
* [Triton](http://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.
* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
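Review bot: the Triton http-to-https change is fine; while this region is being touched, the context line `plugin for Sublime 3 to aid with malware analyis.` carries a typo (`analyis` should be `analysis`) that could be fixed in the same PR.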
@ -603,10 +601,13 @@ the [browser malware](#browser-malware) section.*
## Storage and Workflow
* [Aleph](https://github.com/trendmicro/aleph) - OpenSource Malware Analysis
* [Aleph](https://github.com/merces/aleph) - Open Source Malware Analysis
Pipeline System.
* [CRITs](https://crits.github.io/) - Collaborative Research Into Threats, a
malware and threat repository.
* [FAME](https://certsocietegenerale.github.io/fame/) - FAME is a malware analysis framework.
It features a pipeline that can be extended with custom modules that can be chained and
interact with each other to perform end-to-end analysis.
* [Malwarehouse](https://github.com/sroberts/malwarehouse) - Store, tag, and
search malware.
* [Polichombr](https://github.com/ANSSI-FR/polichombr) - A malware analysis
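Review bot: the new FAME description opens by repeating the project name (`FAME is a malware analysis framework.`), which the neighbouring entries avoid, and its lines run past the roughly 80-column wrap the rest of the list keeps; suggest `* [FAME](https://certsocietegenerale.github.io/fame/) - Malware analysis framework` followed by `featuring a pipeline that can be extended with custom modules that can be chained and` and `interact with each other to perform end-to-end analysis.` The Aleph repository move from `trendmicro` to `merces` in the same hunk is unrelated to the PR title and deserves its own line in the commit message.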
@ -647,7 +648,7 @@ the [browser malware](#browser-malware) section.*
Tools and Techniques for Fighting Malicious Code.
* [Practical Malware Analysis](https://amzn.com/dp/1593272901) - The Hands-On Guide
to Dissecting Malicious Software.
* [Practical Reverse Engineering](http://a.co/63SQsH2) - Intermediate Reverse Engineering
* [Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) - Intermediate Reverse Engineering
* [Real Digital Forensics](https://www.amzn.com/dp/0321240693) - Computer Security and Incident Response
* [The Art of Memory Forensics](https://amzn.com/dp/1118825098) - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.
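Review bot: replacing the opaque `a.co` short link with the direct ASIN URL is an improvement, but the new link `https://www.amzn.com/dp/1118787315/` uses a `www.` host and a trailing slash while its neighbours use `https://amzn.com/dp/1593272901` and `https://amzn.com/dp/1118825098`; use one form for all the book links so the entries stay consistent.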