Detection and Classification - tools for detecting trojaned files and viruses
Shocked 
Antivirus and other malware identification tools
AnalyzePE (https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a variety of tools for reporting on Windows PE files.
Assemblyline (https://bitbucket.org/cse-assemblyline/assemblyline) - A scalable distributed file analysis framework.
BinaryAlert (https://github.com/airbnb/binaryalert) - An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of YARA rules.
chkrootkit (http://www.chkrootkit.org/) - Local Linux rootkit detection.
ClamAV (http://www.clamav.net/) - Open source antivirus engine.
Detect-It-Easy (https://github.com/horsicq/Detect-It-Easy) - A program for determining types of files.
Exeinfo PE (http://exeinfo.pe.hu/) - Packer, compressor detector, unpack info, internal exe tools.
ExifTool (https://sno.phy.queensu.ca/~phil/exiftool/) - Read, write and edit file metadata.
File Scanning Framework (https://github.com/EmersonElectricCo/fsf) - Modular, recursive file scanning solution.
Generic File Parser (https://github.com/uppusaikiran/generic-parser) - A single library parser to extract meta information, perform static analysis and detect macros within files.
hashdeep (https://github.com/jessek/hashdeep) - Compute digest hashes with a variety of algorithms.
HashCheck (https://github.com/gurnec/HashCheck) - Windows shell extension to compute hashes with a variety of algorithms.
Loki (https://github.com/Neo23x0/Loki) - Host-based scanner for IOCs.
Malfunction (https://github.com/Dynetics/Malfunction) - Catalog and compare malware at a function level.
Manalyze (https://github.com/JusticeRage/Manalyze) - Static analyzer for PE executables.
MASTIFF (https://github.com/KoreLogicSecurity/mastiff) - Static analysis framework.
MultiScanner (https://github.com/mitre/multiscanner) - Modular file scanning/analysis framework.
nsrllookup (https://github.com/rjhansen/nsrllookup) - A tool for looking up hashes in NIST's National Software Reference Library database.
packerid (http://handlers.sans.org/jclausing/packerid.py) - A cross-platform Python alternative to PEiD.
PE-bear (https://hshrzd.wordpress.com/pe-bear/) - Reversing tool for PE files.
PEV (http://pev.sourceforge.net/) - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries.
Rootkit Hunter (http://rkhunter.sourceforge.net/) - Detect Linux rootkits.
ssdeep (https://ssdeep-project.github.io/ssdeep/) - Compute fuzzy hashes.
totalhash.py (https://gist.github.com/gleblanc1783/3c8e6b379fa9d646d401b96ab5c7877f) - Python script for easy searching of the TotalHash.cymru.com (https://totalhash.cymru.com/) database.
TrID (http://mark0.net/soft-trid-e.html) - File identifier.
virustotal-falsepositive-detector (https://github.com/uppusaikiran/virustotal-falsepositive-detector) - A tool to analyze VirusTotal reports to find potential false positives based on similarity of detection naming.
YARA (https://plusvic.github.io/yara/) - Pattern matching tool for analysts.
Yara rules generator (https://github.com/Neo23x0/yarGen) - Generate YARA rules based on a set of malware samples. Also contains a good strings DB to avoid false positives.
Yara Finder (https://github.com/uppusaikiran/yara-finder) - A simple tool to YARA-match a file against various YARA rules to find indicators of suspicion.