malcom
Traffic analyzer
Analyzes network traffic to detect malware communication and behavior
Malcom - Malware Communications Analyzer
1k stars
131 watching
215 forks
Language: Python
Last commit: about 7 years ago
Linked from 1 awesome list
Tags: dfir, infosec, malware, malware-analysis, network-traffic, pcap, threat-intelligence
Related projects:
| Repository | Description | Stars |
|---|---|---|
| telekom-security/malware_analysis | An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. | 110 |
| idaholab/malcolm | A powerful tool suite for analyzing and visualizing network traffic data | 368 |
| cyb3rmx/qu1cksc0pe | An all-in-one malware analysis tool that provides detailed information about suspicious files and executables. | 1,348 |
| ch3k1/squidmagic | Analyzes web-based network traffic to detect malicious command and control servers using Squid proxy server and Spamhaus | 78 |
| cisagov/malcolm | A network traffic analysis tool suite that accepts various data formats and provides visualization and incident response capabilities. | 2,001 |
| zhengmin1989/droidanalytics | An Android malware analysis system designed to collect and analyze malware signatures using machine learning techniques. | 29 |
| michoo/pci | Analyzes network traffic to investigate packet interactions and visualize connections on a graph-based platform. | 90 |
| detuxsandbox/detux | Analyzes and captures malware traffic on Linux sandboxed environments using QEMU hypervisor and various CPU architectures. | 261 |
| mandiant/flare-fakenet-ng | A tool to intercept and analyze network traffic for malware analysis and testing | 1,824 |
| activecm/rita | A framework for detecting malicious communication patterns in network traffic by analyzing Zeek logs. | 215 |
| hatriot/zarp | A network attack tool designed to manage and analyze local networks | 1,449 |
| mandiant/capa | An executable file analysis tool that identifies capabilities and potential malicious behaviors. | 4,944 |
| advanced-threat-research/dotdumper | An automated tool for analyzing .NET-based malware samples by logging function calls and dumping memory segments. | 250 |
| joxeankoret/pyew | A command-line tool for analyzing malware and disassembling binary files | 386 |
| idiom/pftriage | Tool to analyze files during malware analysis and triage by extracting properties and detecting malicious indicators. | 77 |