Projects

Updated 7 months ago

flare-capa • Rank 22.3 • Science 54%

The FLARE team's open-source tool to identify capabilities in executable files.

binary-analysis gsoc-2025 malware-analysis reverse-engineering threat-intelligence

Updated 7 months ago

capev2 • Rank 13.0 • Science 54%

Malware Configuration And Payload Extraction

cape configs debugging-tools malware malware-analysis malware-research reverse-engineering sandbox unpacking

Updated 7 months ago

hyperdbg • Rank 11.8 • Science 49%

State-of-the-art native debugging tools

binary-analysis debug debugger debugging debugging-tool ept hook hyperdbg hypervisor kernel-debugger logic-analyzer malware-analysis reverse-engineering security security-tools virtualization virtualization-framework windows-kernel

Updated 7 months ago

elf-static-toolkit • Rank 2.1 • Science 26%

ELF Static Toolkit | Executable and Linkable Format (ELF) Analysing Toolkit

elf elf-header elf-parser lief linux linux-reverse-engineering malware-analysis malware-detection readelf reverse-engineering reverseengineering

Updated 7 months ago

pe-static-toolkit • Rank 1.4 • Science 26%

PE Static Toolkit | Portable Executable (PE) Analysing Toolkit

malware-analysis malware-detection pefile peheader reverse-engineering reverseengineering static-analysis

Updated 7 months ago

apk-static-toolkit • Rank 0.0 • Science 26%

APK Static Toolkit | Android Package Kit (APK) Analysing Toolkit

aapt aapt2 androguard android-reverse-engineering android-security apk-analysis apk-reverse-engineering malware-analysis malware-detection reverse-engineering

Updated 7 months ago

androidmalwarecrypto • Science 28%

The analysis of cryptography in Android malicious applications

cryptography data-science malware-analysis

Updated 7 months ago

cape-hook-generator • Science 44%

CAPEv2 (capemon) hook skeleton generator (hookdefs) for your malware analysis needs.

api apihoo apihooking cape capesandbox capev2 hook hooks malware malware-analysis malware-research malware-samples sandbox windows windowsapi

Updated 7 months ago

https://github.com/0xk1h0/replica3 • Science 26%

Ghidra Analysis Enhancer 🐉 Python3 version.

analysis automation binary binary-analysis decompilation decompiler disassembler disassembly enhancement ghidra ghidra-auto-analysis ghidra-scripts label-references malware-analysis rename-functions replica reverse-engineering security-audit security-tools

Updated 7 months ago

scorpion-antimalware • Science 44%

Scorpion Anti-malware official repository

artificial-intelligence bidirectional-gru convolutional-neural-networks malware-analysis malware-detection malware-research onnx onnxruntime open-source recurrent-neural-networks

Updated 7 months ago

docker-packing-box • Science 54%

Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection

binary-analysis dataset-generation docker-image elf-format executable-packing machine-learning malware-analysis malware-packers malware-research packing-detection pe-format research-platform research-tools

Updated 7 months ago

gview • Science 44%

GView is a cross-platform framework for reverse-engineering. Users can leverage the diverse range of available visualization options to effectively analyze and interpret the information.

cpp20 malware-analysis malware-research reverse-engineering visualization

Updated 7 months ago

malvada • Science 67%

MALVADA: Malware Execution Traces Dataset generation.

dataset dataset-generation datasets datasets-preparation malware malware-analysis malware-dataset malware-execution malware-research malware-samples

Updated 7 months ago

hexa_payload_decoder • Science 44%

A tool to automatically decode and translate any TCP hexa payload data form any language to english.

cybersecurity iot iot-malware malware-analysis security-tools traffic-analysis

Updated 7 months ago

capemon-hook-generator • Science 44%

CAPEv2 (capemon) hook skeleton generator (hookdefs) for your malware analysis needs.

api apihook apihooking cape capesandbox capev2 hook hooking hooks malware malware-analysis malware-detection malware-research malware-samples sandbox windows windowsapi

Updated 7 months ago

malgraphiq • Science 39%

Transform your malware sandbox reports and execution traces into behavior and category graphs and plot their Windows Behavior Catalog (WBC) behavior identification.

backtracking behavior capev2 graphs malware malware-analysis malware-behavior malware-detection malware-research sandbox sandbox-environment visualization windows windows-malware windows-malware-analysis

Updated 7 months ago

https://github.com/csvl/sema • Science 26%

SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.

angr binary-analysis classification concolic-execution ctf cybersecurity detection linux malware malware-analysis malware-detection malware-research python reverse reverse-engineering sema static-analysis symbolic symbolic-execution windows

Updated 7 months ago

https://github.com/czs108/microsoft-malware-classification • Science 10%

🔍 "2015 Microsoft Malware Classification Challenge" - Using machine learning to classify malware into different families based on Windows PE structures, disassembly scripts and machine code.

cybersecurity kaggle-competition machine-learning malware malware-analysis pe python reverse-engineering

Updated 7 months ago

bayesian-hyper-parameter-optimization-for-malware-detection • Science 18%

AI-CyberSec 2021 Workshop CEUR Publication(AI-2021 Forty-first SGAI International Conference)

baysian config default gaussian-naive-bayes github-config grid hyperparameter-optimization knn-classification lightgbm-classifier logistic-regression machine-learning-algorithms malware-analysis malware-detection optimization python random-forest randomsearch search-algorithm stochastic-gradient-descent

Updated 7 months ago

misp • Science 54%

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

cti cybersecurity fraud-detection fraud-management fraud-prevention information-exchange information-security information-sharing intelligence malware-analysis misp security stix threat-analysis threat-hunting threat-intel threat-intelligence threat-intelligence-platform threat-sharing threatintel

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Open Source Science

flare-capa • Rank 22.3 • Science 54%

capev2 • Rank 13.0 • Science 54%

hyperdbg • Rank 11.8 • Science 49%

elf-static-toolkit • Rank 2.1 • Science 26%

pe-static-toolkit • Rank 1.4 • Science 26%

apk-static-toolkit • Rank 0.0 • Science 26%

androidmalwarecrypto • Science 28%

cape-hook-generator • Science 44%

https://github.com/0xk1h0/replica3 • Science 26%

scorpion-antimalware • Science 44%

docker-packing-box • Science 54%

gview • Science 44%

malvada • Science 67%

hexa_payload_decoder • Science 44%

capemon-hook-generator • Science 44%

malgraphiq • Science 39%

https://github.com/csvl/sema • Science 26%

https://github.com/czs108/microsoft-malware-classification • Science 10%

bayesian-hyper-parameter-optimization-for-malware-detection • Science 18%

misp • Science 54%