Limon

Malware analyzer

Automated analysis tool for detecting and understanding Linux malware behavior

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

GitHub

389 stars
38 watching
115 forks
Language: Python
last commit: over 8 years ago
Linked from 1 awesome list


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
tomchop/malcom Analyzes network traffic to detect malware communication and behavior 1,155
tencent/habomalhunter Automates malware analysis on Linux systems to extract and analyze static and dynamic features 732
detuxsandbox/detux Analyzes and captures malware traffic on Linux sandboxed environments using QEMU hypervisor and various CPU architectures. 260
mitrecnd/malchive A collection of reusable scripts and tools for analyzing malicious software 75
mandiant/speakeasy Emulates specific components of the Windows operating system to analyze malware 1,515
zhengmin1989/droidanalytics An Android malware analysis system designed to collect and analyze malware signatures using machine learning techniques. 29
mandiant/capa An executable file analysis tool that identifies capabilities and potential malicious behaviors. 4,885
diogo-fernan/malsub A Python framework that provides an API interface to multiple online services for analyzing malware and threat intelligence 368
gosecure/malboxes Automates malware analysis on Windows VMs for research and testing purposes. 1,030
monnappa22/hollowfind A Volatility plugin to detect hollowing techniques used in process analysis 131
accidentalrebel/mbcscan Analyzes malware behavior and maps it to a Malware Behavior Catalog for better understanding 20
joxeankoret/pyew A command-line tool for analyzing malware and disassembling binary files 383
uppusaikiran/generic-parser Analyzes malware files to detect suspicious behavior by extracting meta information and features. 1
telekom-security/malware_analysis An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. 110
kevoreilly/capev2 A tool to extract configuration and payload from malware by analyzing its behavior in a sandboxed environment. 2,011