Awesome-Mirrors/awesome-malware-analysis
1
0
Fork 0
mirror of https://github.com/rshipp/awesome-malware-analysis.git synced 2024-07-01 05:51:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Awesome-Mirrors:a444efde8a9365e5128a88b76f1720c6edc30837
Branches Tags
Awesome-Mirrors:main
..
compare: Awesome-Mirrors:d97a0d193d7f1930ca035571d0799295507afe42
Branches Tags
Awesome-Mirrors:main

1 Commits
a444efde8a ... d97a0d193d

Author SHA1 Message Date
ddvv
d97a0d193d
Merge 6d6e44b320 into 448522ad9e 2024-03-27 11:29:27 +08:00
2 changed files with 9 additions and 12 deletions
Show Stats Expand all files Collapse all files

9
README.md
View File

@ -223,7 +223,8 @@ View Chinese translation: [恶意软件分析大合集.md](恶意软件分析大
* [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a
variety of tools for reporting on Windows PE files.
* [Assemblyline](https://cybercentrecanada.github.io/assemblyline4_docs/) - A scalable file triage and malware analysis system integrating the cyber security community's best tools..
* [Assemblyline](https://bitbucket.org/cse-assemblyline/assemblyline) - A scalable
distributed file analysis framework.
* [BinaryAlert](https://github.com/airbnb/binaryalert) - An open source, serverless
AWS pipeline that scans and alerts on uploaded files based on a set of
YARA rules.
@ -257,7 +258,7 @@ executables.
* [Nauz File Detector(NFD)](https://github.com/horsicq/Nauz-File-Detector) - Linker/Compiler/Tool detector for Windows, Linux and MacOS.
* [nsrllookup](https://github.com/rjhansen/nsrllookup) - A tool for looking
up hashes in NIST's National Software Reference Library database.
* [packerid](https://github.com/sooshie/packerid) - A cross-platform
* [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform
Python alternative to PEiD.
* [PE-bear](https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE
files.
@ -622,8 +623,6 @@ the [browser malware](#browser-malware) section.*
analysis.
* [PyREBox](https://github.com/Cisco-Talos/pyrebox) - Python scriptable reverse
engineering sandbox by the Talos team at Cisco.
* [Qiling Framework](https://www.qiling.io/) - Cross platform emulation and sanboxing
framework with instruments for binary analysis.
* [QKD](https://github.com/ispras/qemu/releases/) - QEMU with embedded WinDbg
server for stealth debugging.
* [Radare2](http://www.radare.org/r/) - Reverse engineering framework, with
@ -730,8 +729,6 @@ the [browser malware](#browser-malware) section.*
code integrity and write support.
* [Muninn](https://github.com/ytisf/muninn) - A script to automate portions
of analysis using Volatility, and create a readable report.
[Orochi](https://github.com/LDO-CERT/orochi) - Orochi is an open source framework for
collaborative forensic memory dump analysis.
* [Rekall](http://www.rekall-forensic.com/) - Memory analysis framework,
forked from Volatility in 2013.
* [TotalRecall](https://github.com/sketchymoose/TotalRecall) - Script based

2
恶意软件分析大合集.md
View File

@ -154,7 +154,7 @@
*反病毒和其他恶意软件识别工具*
* [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Windows PE 文件的分析器
* [Assemblyline](https://cybercentrecanada.github.io/assemblyline4_docs/) - 大规模分布式文件分析框架
* [Assemblyline](https://bitbucket.org/cse-assemblyline/assemblyline) - 大规模分布式文件分析框架
* [BinaryAlert](https://github.com/airbnb/binaryalert) - 开源、无服务 AWS 管道,用于对上传的文件使用 YARA 进行扫描和报警
* [capa](https://github.com/fireeye/capa) - 检测可执行文件的攻击能力
* [chkrootkit](http://www.chkrootkit.org/) - 本地 Linux rootkit 检测