idiom

iocs

Machine-digestible malware indicators.

officeparser

Extract embedded files and macros from office documents.

blip

chopshop

Protocol Analysis/Decoder Framework

CmdDesktopSwitch

CmdDesktopSwitch is a small utility that lists all windows desktops and provides the option to switch between them. This can be used to identify and watch malware that has created a hidden desktop.

dllinjector

dll injection tool that implements various methods

elfesteem

Automatically exported from code.google.com/p/elfesteem

ForwardIt

Hello World Outlook VSTO Project

frida

Clone this repo to build Frida

libbtbb

A Bluetooth baseband decoding library

libewf

Libewf is a library to access the Expert Witness Compression Format (EWF)

MacroShop

Collection of scripts to aid in delivering payloads via Office Macros. Most are python. See http://khr0x40sh.wordpress.com for details.

metasploit-framework

Metasploit Framework

ollydbg-script

收集一些ollydbg的脱壳脚本 collect some ollydbg scripts.

pafish

Pafish is a demo tool that performs some anti(debugger/VM/sandbox) tricks

punbup

Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just another wrapper around 7zip!

pywinrm

Python library for Windows Remote Management

RegRipper2.8

RegRipper version 2.8

rules

Repository of yara rules

sems

Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools

shiva

Spam Honeypot with Intelligent Virtual Analyzer

ubertooth

Software, firmware and hardware designs for Ubertooth

viper

Binary analysis framework

volatility

An advanced memory forensics framework

yarAnalyzer

Yara Rule Analyzer and Statistics

yarGen

A Yara Bulk Rule Generator

yatp

Yet Another TNEF Parser

fykeD

gcode-optimizer

A command-line tool that optimizes CNC Mill and Laser Engraver gcode generated from programs like MakerCAM - also optionally converts mill gcode to laser gcode

OutlookBase

Hello World C++ Outlook Plugin