RME-DisCo Research Group

All

25 repositories

MALVADA
Public
MALVADA: Malware Execution Traces Dataset generation.
malware malware-analysis malware-research malware-samples malware-execution
Python
•
GNU General Public License v3.0
•0•0•0•0•Updated Nov 1, 2024Nov 1, 2024
APOTHEOSIS
Public
A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor lookup of approximate matching hashes
python3 approximate-nearest-neighbor-search approximate-matching hnsw
Python
•
GNU General Public License v3.0
•1•6•0•0•Updated Oct 1, 2024Oct 1, 2024
RAMPAGE
Public
RAMPAGE is a framework aimed at training and comparing machine learning models for the detection of Algorithmically Generated Domains.
machine-learning tensorflow malware keras python3 malware-research dga dga-detection
Python
•
GNU General Public License v3.0
•0•0•0•0•Updated Sep 30, 2024Sep 30, 2024
cape-hook-generator
Public
CAPEv2 (capemon) hook skeleton generator (hookdefs) for your malware analysis needs.
Python
•
GNU General Public License v3.0
•0•0•0•0•Updated Jul 23, 2024Jul 23, 2024
winapi-categories
Public
Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.
windows winapi syscalls windows-api system-calls native-api ntapi windows-syscalls windows-functions
Python
•
GNU General Public License v3.0
•1•7•0•0•Updated Jul 11, 2024Jul 11, 2024
capemon
Public
capemon: CAPE's monitor
C
•
GNU General Public License v3.0
•49•1•0•0•Updated Jun 7, 2024Jun 7, 2024
winesap
Public
Volatility plugin to search for all Autostart Extensibility Points (AESPs)
python malware-analysis volatility volatility-plugins malware-persistence autostar-extensibility-points aesp
Python
•
GNU Affero General Public License v3.0
•0•9•0•0•Updated May 16, 2024May 16, 2024
MOSTO-Modbus-simulator
Public
MOSTO is a SCADA network device simulator based on ModbusTCP communications. Based on Python3
simulator modbus-tcp
Python
•
GNU General Public License v3.0
•3•6•1•0•Updated Aug 16, 2023Aug 16, 2023
processfuzzyhash
Public
Volatility plugin to calculate and compare Windows processes fuzzy hashes
python dcfldd volatility ssdeep tlsh fuzzy-hashes sdhash volatility-plugins
Python
•
GNU Affero General Public License v3.0
•1•8•0•0•Updated Jul 25, 2023Jul 25, 2023
similarity-unrelocated-module
Public
Volatility plugin to yield and compare similarity digest of modules on execution.
python sum volatility memory-forensics volatility-plugins approximate-matching fuzzy-hash similarity-digest
Python
•
GNU General Public License v3.0
•0•2•1•0•Updated Jul 25, 2023Jul 25, 2023
windows-memory-extractor
Public
Tool to extract contents from the memory of Windows systems.
memory-forensics windows
C++
•
GNU General Public License v3.0
•2•14•0•0•Updated Jul 4, 2023Jul 4, 2023
EvalMe
Public
EvalMe: an evaluation and benchmarking tool
Python
•
GNU General Public License v3.0
•0•0•0•0•Updated Jun 27, 2023Jun 27, 2023
pinVMShield
Public
A pintool for protecting a sandbox application of common anti-virtualmachine and anti-sandbox detection techniques
dbi pintool pin cuckoo-sandbox anti-sandbox anti-vm dynamic-binary-instrumentation
C++
•
GNU General Public License v3.0
•2•9•0•0•Updated Jun 13, 2023Jun 13, 2023
Secure_Socket
Public
C++ Sockets implementing hybrid encryption
linux hybrid-encryption software-library
C++
•0•1•0•0•Updated Jun 13, 2023Jun 13, 2023
malscan
Public
Volatility plugin to detect malicious code thanks to ClamAV
python clamav malware-analysis volatility volatility-plugins
Python
•
GNU Affero General Public License v3.0
•1•3•0•0•Updated Jun 13, 2023Jun 13, 2023
sigcheck
Public
Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
python openssl authenticode volatility sigcheck volatility-plugins
Python
•
GNU General Public License v3.0
•4•17•2•0•Updated Jun 13, 2023Jun 13, 2023
modex
Public
Volatility 3 plugins to extract a module as complete as possible
memory-forensics volatility-plugins volatility3
Python
•
GNU General Public License v3.0
•0•10•0•0•Updated Jun 13, 2023Jun 13, 2023
rop3
Public
A tool to search for gadgets, operations, and ROP chains using a backtracking algorithm in a tree-like structure
windows evaluation rop turing-completeness rop-chain automatic-exploit
Python
•
GNU General Public License v3.0
•0•14•1•0•Updated Jun 13, 2023Jun 13, 2023
chiton
Public
Chiton is a Python library to exfiltrate data encapsulating the data into IoT protocol’s packets
python mqtt iot coap amqp data-exfiltration amqp1-0
Python
•
GNU General Public License v3.0
•0•1•0•0•Updated Jun 12, 2023Jun 12, 2023
sum-plugin
Public
Volatility 2.6 plugin to undo modifications done by relocation process on modules
volatility similarity-score memory-forensics volatility-plugins approximate-matching
Python
•
GNU General Public License v3.0
•0•0•0•0•Updated Jun 12, 2023Jun 12, 2023
instant-messaging-artifact-finder
Public
Tool to find memory artifacts present in instant messaging applications.
instant-messaging telegram-desktop memory-forensics
Python
•
GNU General Public License v3.0
•2•9•1•0•Updated Dec 10, 2021Dec 10, 2021
asistencia-aula-EINA-telegram-bot
Public
Bot de Telegram para facilitar la entrada de datos de asistencia presencial en aulas de la EINA
Python
•
GNU General Public License v3.0
•0•1•0•0•Updated Oct 4, 2021Oct 4, 2021
residentmem
Public
Volatility plugin to obtain the number of the resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
python volatility memory-forensics volatility-plugins
Python
•
GNU General Public License v3.0
•0•2•0•0•Updated May 11, 2021May 11, 2021
dumd-mixer
Public
Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.
python volatility memory-forensics volatility-plugins
Python
•
GNU General Public License v3.0
•0•1•0•0•Updated Nov 28, 2020Nov 28, 2020
openssl
Public
TLS/SSL and crypto library
C
•
Apache License 2.0
•10k•0•0•0•Updated May 21, 2020May 21, 2020