Category Archives: Malwares

RetDec – Machine-code Decompiler Based on LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system

CAPE – Malware Configuration And Payload Extraction

CAPE is a malware sandbox. It is derived from Cuckoo and is designed to automate the process of malware analysis with the goal of extracting payloads and configuration from malware.

Cuckoo Sandbox – Automated Malware Analysis Framework

Cuckoo Sandbox is an open source automated malware analysis system. It’s used to automatically run and analyze files and collect comprehensive analysis results that outline what the malware does while running inside an isolated operating system. Cuckoo Sandbox is an

Fenrir – Simple Bash Indicators of Compromise Scanner

Fenrir is a simple IOC scanner bash script. It allows scanning Linux/Unix/OSX systems for Indicators of Compromise (IOCs)

MalConfScan – Volatility Plugin For Malware Analysis

MalConfScan is a Volatility plugin that extracts configuration data of known malware.

PEStudio – Malware Initial Assessment Tool

PEStudio is a tool to spot malicious and suspicious artifacts in order to ease and accelerate Malware Initial Assessment.

VolDiff – Malware Memory Footprint Analysis based on Volatility

VolDiff is a Python script that leverages the Volatility framework to identify malware threats on Windows 7 memory images.