threathive's repositories
tor
unofficial git repo -- report bugs/issues/pull requests on https://trac.torproject.org/ --
HaboMalHunter
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
falcon-redis-cache
Redis cache middleware for falcon resources. Pulled from py-blog project @ https://github.com/neetjn/py-blog
Robust and flexible email library for Go
CobaltStrikeForensic
Toolset for research malware and Cobalt Strike beacons
what_is_this_c2
For all these times you're asking yourself "what is this panel again?"
CertStreamMonitor
Monitor certificates generated for specific domain strings and associated, store data into sqlite3 database, alert you when sites come online.
imaginaryC2
Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
MalConfScan
Volatility plugin for extracts configuration data of known malware
klara
Kaspersky's GReAT KLara
volatility-autoruns
Autoruns plugin for the Volatility framework
ISFB_Tools
List of tools to assist in analyzing samples of ISFB/Gozi/Ursnif
amira
AMIRA: Automated Malware Incident Response & Analysis
malware_decoders
Static based decoders for malware samples
certstream-playground
random fun with cert stream data
IPToCC
Get country code of IPv4/IPv6 address. Address lookup is done offline.
fsi-dnsdb
Python client for Farsight Security's DNSDB API
YetiToElastic
YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
malice-kibana-plugin
Malice Kibana Plugin
elasticsearch
Malice's Customized Elasticsearch
pyeti
Python bindings for Yeti's API
roach
Cockroach is your primitive & immortal swiss army knife.
malice
VirusTotal Wanna Be - Now with 100% more Hipster
LnkParse
Windows Shortcut file (LNK) parser
backscatter-go
backscatter.io golang client
swarm_resolver
Simple wrapper around aiodns for bulk DNS resolution
aoba
Automatic Tools for Observe and Analyze EK and Identify Malware (a.k.a nao_sec tools)
ip2location-go
Use IP2Location geolocation database to lookup the geolocation information with IP2Location Go Package. It can be used to determine country, region, city, coordinates, zip code, time zone, ISP, domain name, connection type, area code, weather, MCC, MNC, mobile brand name, elevation and usage type that any IP address or hostname originates from.
uuid
A UUID package originally forked from github.com/satori/go.uuid
plugins
Official Malice Plugins