
Loki - Loki - Simple IOC and Incident Response Scanner

  •    Python

The Windows binary is compiled with PyInstaller 2.1 and should run as an x86 application on both x86 and x64 based systems. Download the latest version of LOKI from the releases section.

malice - VirusTotal Wanna Be - Now with 100% more Hipster

  •    Go

Malice's mission is to be a free open source version of VirusTotal that anyone can use at any scale, from an independent researcher to a Fortune 500 company. NOTE: On the first run malice will download all of its default plugins, which can take a while to complete.

clamav-devel - ClamAV Development - FAQ is here: https://github.com/Cisco-Talos/clamav-faq

  •    C++

ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. The ClamAV documentation can be found locally in docs/UserManual.md with additional information online in our FAQ.




Veil - Veil 3.1.X (Check version info in Veil at runtime)

  •    Python

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. This file is responsible for installing all the dependencies of Veil. This includes the whole WINE environment, for the Windows side of things. It will install all the necessary Linux packages and GoLang, as well as Python, Ruby and AutoIT for Windows. In addition, it will also run ./config/update-config.py for your environment.

Veil-Evasion - Veil Evasion is no longer supported, use Veil 3.0!

  •    Python

Veil-Evasion is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. NOTE: ./setup/setup.sh should be re-run on every major version update. If you receive any major errors on running Veil-Evasion, first try re-running this script to install any additional packages and update the common configuration file.

php-malware-finder - Detect potentially malicious PHP files

  •    PHP

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. Of course it's trivial to bypass PMF, but its goal is to catch kiddies and idiots, not people with a working brain. If you report a stupid tailored bypass for PMF, you likely belong to one (or both) categories, and should re-read the previous statement.

multiscanner - Modular file scanning/analysis framework

  •    JavaScript

MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built Python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules are designed to be quickly written and easily incorporated into the framework. Currently written and maintained modules are related to malware analytics, but the framework is not limited to that scope. For a list of modules you can look in modules/. Descriptions and config options can be found on the Analysis Modules page.


Haze Anti-Virus

  •    CSharp

Haze Anti-Virus is an antivirus written in native C++; it uses signature and heuristic scanning. This antivirus is aimed at providing all users with a secure computer environment, by making it as simple to use but still packs even more features than other complex antivirus so...

Forefront Endpoint Management Tools

  •    CSharp

The goal of this project is to create a basic management system for Forefront Endpoint. This is not a replacement for System Center, but a solution for smaller organizations. Currently planned features include policy management, reporting, and task scheduling. The project ...

Super Av Anti Virus

Super Av Anti Virus is an open source anti virus with full source code

avpwn - List of real-world threats against endpoint protection software

List of real-world threats against endpoint protection software - For future reference. The list is based on public information and thus is obviously incomplete.

rokki - Simple web-sites malware scanner.

  •    PHP

Rokki is a simple web-sites malware scanner inspired by Manul Antimalware Tool. The tool has been developed to help system administrators to find malware in websites without a need to install PHP on the server. Check all files in /var/www/htdocs folder.

ansible-role-clamav - Ansible Role - ClamAV.

Installs ClamAV on RedHat/CentOS and Debian/Ubuntu Linux servers.

flying-sandbox-monster - Sandboxed, Rust-based, Windows Defender Client

  •    Rust

A proof-of-concept application that sandboxes the Malware Protection engine in an AppContainer on Windows, written in Rust. Flying Sandbox Monster only supports 32-bit builds at this time. Note: there is some trickery performed to make things work since this is a proof-of-concept that interfaces with an undocumented DLL. Flying Sandbox Monster requires dependencies that cannot be automatically included.

dontclickshit - How not to become a cyber victim

Do not open, click, or run suspicious files, links, or programs. The basic rule: if you were not expecting it (an email, file, link, etc.), it is suspicious.

HRCloud2 - A full-featured home hosted Cloud Drive, Personal Assistant, App Launcher, File Converter, Streamer, Share Tool & More!

  •    PHP

HRCloud2 is a personal Cloud CMS Platform similar to ownCloud but with far greater capability that includes all the same functionality as a commercial end-user based Cloud platform. Functions like file conversion, OCR, archiving, dearchiving, A/V scanning, sharing and more. With HRCloud2 you can perform all your favorite bash and command line tools just by selecting checkboxes and clicking buttons, from anywhere. HRCloud2 can integrate with WordPress, although it will install what it needs from WordPress when it does not exist. It uses user accounts created by WordPress, but does not itself use a database for anything other than user authentication. All log and cache files are internally controlled.

malice-av - Malice AntiVirus Plugins

  •    Go

NOTE: This repo only contains old POCs and AV installer files.

windows-defender - Malice Windows Defender AntiVirus Plugin

  •    Go

This will output to stdout and POST to malice results API webhook endpoint. Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue.