Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/deadbits/malware-analysis-scripts

Collection of scripts for different malware analysis tasks

malware malware-analysis malware-research reverse-engineering


[![Say Thanks](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg?style=flat)](https://saythanks.io/to/deadbits)

# malware-analysis-scripts
Collection of scripts for different malware analysis tasks

## Introduction
Some of these scripts are mine. Some of them are not. I have had many of these stored for a
long time and I will try to make sure credit for others' work is given where due, though
sometimes I no longer know who the original author actually is.

If you happen to see code you recognize here, please let me know in an Issue so I can assign proper credit.

This README will be used to keep track of the contents of this repo, what each script does and who the original authors are, if it is not myself. Each script may have its own documentation within it as well.

## Contents
Sorted by author:
* getstatic.py (deadbits)
* getimps.py (deadbits)
* domain_registrant.py (deadbits)
* gozi-c2-craft.py (deadbits)
* malshare_dl.py (deadbits)
* http_forge.py (deadbits)
* irc_stealth.py (deadbits)
* local2splunk.py (deadbits)
* lookup_dns.py (deadbits)
* mass_nmap.py (deadbits)
* maz_slim.py (deadbits)

***
* memdump.c (travis montoya)

***
* blackenergy.py ([Malware.lu](http://www.malware.lu))
* bozok_config.py ([Malware.lu](http://www.malware.lu))

***
* vt-notify.rb (author unknown)
* binextract.py (author unknown)
* anubis.py (author unknown)
* decodebhek.py (author unknown)
* cifcsv.py (author unknown)
* magic.py (author unknown)
* match.py (author unknown)
* phpdecode.py (author unknown)
* xorencode.c (author unknown - maybe myself? really don't remember..)
* xortools.py (author unknown)
* fake_dns.py (author unknown)

***
* darkcomet_config.py ([r3shl4k1sh](https://bitbucket.org/r3shl4k1sh))

***
* atrax-root.py (siph0n)

***
* pescanner.py (Michael Ligh)
* avsubmit.py (Michael Ligh)
* db-artifacts.py (Michael Ligh)

***
* backtrack.py (Alexander Hanel)
* import_snapshop.py (Alexander Hanel)
* vt_pyscan.py (Alexander Hanel)

***
* AnalyzePE.py (hiddenillusion)
* IPInfo.py (hiddenillusion)

***
* Automater.py ([TekDefense](http://www.tekDefense.com))

***
* wepewet.py ([email protected])