Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn't matter what specific type of obfuscation is used. The code on the left is a decompilation of an obfuscated app, and the code on the right has been deobfuscated.
deobfuscation optimization android reverse-engineering malware-analysis dalvik malware deobfuscator virtual-machine emulator malware-analyzer

AndroL4b is an Android security virtual machine based on ubuntu-mate that includes a collection of the latest frameworks, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis.
mobile-security android malware-analyzer penetration-testing reverse-engineering application-security

MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built Python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules are designed to be quickly written and easily incorporated into the framework. Currently written and maintained modules are related to malware analytics, but the framework is not limited to that scope. For a list of modules you can look in modules/. Descriptions and config options can be found on the Analysis Modules page.
analytic-machines analysis-framework python-script scanning antivirus metadata yara malware malware-analysis malware-analyzer malware-research cuckoo

A pattern-based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Make sure adb is on your path.
reverse-engineering android malware malware-analysis malware-analyzer deobfuscation deobfuscator dex dalvik

malware-jail is written for Node's 'vm' sandbox. Currently implements WScript (Windows Scripting Host) context env/wscript.js, at least the part frequently used by malware. Internet browser context is partially implemented in env/browser.js. Runs on any operating system. Developed and tested on Linux, Node.js v6.6.0.
malware-samples wscript deobfuscation angler malware-jail payload-extraction analysis payload malware-analysis malware-research malware-analyzer node malware jail sandbox

MAZ, short for Malware Analysis Zoo, is a Ruby based application for performing static malware analysis, and submitting samples and gathering the reports from 3rd party analysis services. The raw samples and all metadata and IOCs are stored within a local (or remote) MongoDB. Full documentation, license details and other information is available in the docs directory. In the meantime, I recommend checking out projects like stoQ, Viper, Aleph, and Polichombr.
malware-analysis malware-research malware-analyzer security

This repository contains a Dockerfile of malice/pdf. It runs PDFiD and pdf-parser.py on samples and will extract and (eventually) submit extracted files as children back to malice for analysis. This will output to stdout and POST to malice results API webhook endpoint.
malice malware pdf plugin pdfid pdf-parsing peepdf docker pdf-malware pdf-analyzer malice-plugin malware-analysis malware-analyzer

This repository contains a Dockerfile of the Yara malice plugin malice/yara. This will output to stdout and POST to malice results API webhook endpoint.
malice yara docker plugin malware malware-analysis malware-detection malware-research malice-plugin malware-analyzer

A Python malware analysis library. Mostly for machine learning purposes. More info coming soon, along with my dissertation, which will go much deeper into what this is. For now, this page is all of the documentation for this project.
malware malware-analysis malware-research malware-analyzer machine-learning artificial-intelligence artificial-neural-networks cybersecurity