Limon
Malware analyzer
Automated analysis tool for detecting and understanding Linux malware behavior
Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools
389 stars
38 watching
115 forks
Language: Python
last commit: over 8 years ago
Linked from 1 awesome list
rshipp/awesome-malware-analysisRelated projects:
| Repository | Description | Stars |
|---|---|---|
 tomchop/malcom | Analyzes network traffic to detect malware communication and behavior | 1,155 |
 tencent/habomalhunter | Automates malware analysis on Linux systems to extract and analyze static and dynamic features | 732 |
 detuxsandbox/detux | Analyzes and captures malware traffic on Linux sandboxed environments using QEMU hypervisor and various CPU architectures. | 260 |
 mitrecnd/malchive | A collection of reusable scripts and tools for analyzing malicious software | 75 |
 mandiant/speakeasy | Emulates specific components of the Windows operating system to analyze malware | 1,515 |
 zhengmin1989/droidanalytics | An Android malware analysis system designed to collect and analyze malware signatures using machine learning techniques. | 29 |
| mandiant/capa | An executable file analysis tool that identifies capabilities and potential malicious behaviors. | 4,873 |
 diogo-fernan/malsub | A Python framework that provides an API interface to multiple online services for analyzing malware and threat intelligence | 368 |
 gosecure/malboxes | Automates malware analysis on Windows VMs for research and testing purposes. | 1,030 |
| monnappa22/hollowfind | A Volatility plugin to detect hollowing techniques used in process analysis | 131 |
 accidentalrebel/mbcscan | Analyzes malware behavior and maps it to a Malware Behavior Catalog for better understanding | 20 |
 joxeankoret/pyew | A command-line tool for analyzing malware and disassembling binary files | 383 |
 uppusaikiran/generic-parser | Analyzes malware files to detect suspicious behavior by extracting meta information and features. | 1 |
 telekom-security/malware_analysis | An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. | 110 |
 kevoreilly/capev2 | A tool to extract configuration and payload from malware by analyzing its behavior in a sandboxed environment. | 2,011 |