1,226 Works


External Data Source
Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malware. Wifiphisher is... ...powerful. Wifiphisher can run for hours inside a Raspberry Pi device executing all modern Wi-Fi association techniques (including Evil Twin, KARMA and Known Beacons). ...flexible. Supports dozens of arguments and comes with a set...


External Data Source
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. Disclaimer: theZoo's purpose...


External Data Source
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and supports both binaries (APK, IPA, APPX) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security...


External Data Source
Cuckoo Sandbox is the leading open source automated malware analysis system. You can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment. Cuckoo Sandbox is free software that automates the task of analyzing any malicious file under Windows, OS X, Linux, and Android. What can it do? Cuckoo Sandbox is an advanced, extremely modular, and 100% open...


External Data Source
There are three parts to the project: smalivm, simplify, and the demo app. smalivm: Provides a virtual machine sandbox for executing Dalvik methods. After executing a method, it returns a graph containing all possible register and class values for every execution path. It works even if some values are unknown, such as file and network I/O. For example, any if or switch conditional with an unknown value results in both branches being taken. simplify: Analyzes...


External Data Source
GEF is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging...


External Data Source
This is a collection of botnet source codes, unorganized. Many projects are duplicates or revisions of each other. Many of them have outdated dependencies. The goal is to collectively put them together so that they are compilable and help people interested in malware research analyze them and learn from these samples.


External Data Source
Androguard is a full Python tool to play with Android files: DEX, ODEX; APK; Android's binary XML; Android resources; disassemble DEX/ODEX bytecodes; decompiler for DEX/ODEX files.


External Data Source
MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reversers to support their day-to-day operations to share structured information efficiently. The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the...


External Data Source
al-khaser is a PoC malware application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar.


External Data Source
A detailed overview of system activity with highlighting. Graphs and statistics allow you to quickly track down resource hogs and runaway processes. Can't edit or delete a file? Discover which processes are using that file. See what programs have active network connections, and close them if necessary. Get real-time information on disk access. View detailed stack traces with kernel-mode, WOW64 and .NET support. Go beyond services.msc: create, edit and control services. Small, portable and...


External Data Source
The Cyber Threat Intelligence Repository of ATT&CK and CAPEC catalogs expressed in STIX 2.0 JSON.

FireEye Labs Obfuscated String Solver (FLOSS)

External Data Source
Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key features will not show up as plaintext in output of the strings.exe utility that we commonly use during basic static analysis. The FireEye Labs Obfuscated String Solver (FLOSS) uses advanced static analysis techniques...


External Data Source
The objective of this project is to collect usual tricks seen in malware samples. This allows us to study them, and test if our analysis environments are properly implemented.


External Data Source
The tool requires a regular expression analyzer. Currently, the RXXR checker is included.


External Data Source
Configurable Denial-Of-Service prevention for http services.


External Data Source
Warchild is a denial of service testing suite made for analysing the strength of your website against different kinds of denial of service attacks you will be facing which are mainly organised by crooks to cause damage to your website. Overview: This Denial Of Service suite comprises the following features: CloudBust: Cloudbust a.k.a AETHON is a cloudflare resolver that looks into the cloudflare protected website for misconfigured DNS configuration basically uses dnsdumpster.com as its resolver...


External Data Source
Helps find regular expressions susceptible to denial of service attacks.


External Data Source
UFONet is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS attacks, using Open Redirect vectors, generally located on third party web applications (a botnet) and other powerful DoS attacks, some including different OSI model layers, as for example the TCP/SYN flood attack, which is performed on Layer 3 (Network).


External Data Source
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. hXXp:// for known malicious executable), IP address (e.g. for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it...


External Data Source
In this project we attempt at solving this problem by presenting two taxonomies, "A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets" and "A Taxonomy of Malicious Traffic for Intrusion Detection Systems", classifying threats as well as evaluating current datasets. The result shows that a large portion of current research published train IDS algorithms against outdated datasets and outdated threats. To this end, we provide the source of our threat...


External Data Source
Scapy is a Python program that enables the user to send, sniff, dissect and forge network packets. This capability allows construction of tools that can probe, scan or attack networks. In other words, Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. Scapy can easily handle most...


External Data Source
Polymorph is a framework written in Python 3 that allows the modification of network packets in real time, providing maximum control to the user over the contents of the packet. This framework is intended to provide an effective solution for real-time modification of network packets that implement practically any existing protocol, including private protocols that do not have a public specification. In addition to this, one of its main objectives is to provide the user...


External Data Source
The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features: ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP protocol support; Layer 2 or Layer 3 injection on UNIX-like systems; Layer 2 injection (only) on Windows systems; Packet payload from file...


External Data Source
libtins' main purpose is to provide the C++ developer an easy, efficient, platform and endianness-independent way to create tools which need to send, receive and manipulate network packets. libtins supports several protocols and features: Network packet crafting. Packet sniffing and automatic packet interpretation. Reading and writing PCAP files. Following and reassembling TCP streams on the fly. Decrypting WEP and WPA2 (TKIP and CCMP) encrypted 802.11 data frames on the fly and interpreting the decrypted content. Works...
