FireEye

Repositories

• capa-rules

  Standard collection of rules for capa: the tool for enumerating the capabilities of programs

  hacktoberfest
  Apache-2.0 32 144 41 (2 issues need help) 2 Updated Dec 24, 2020

• capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  reverse-engineering malware-analysis
  Python Apache-2.0 158 1,290 40 2 Updated Dec 23, 2020

• speakeasy

  Windows kernel and user mode emulation.

  emulation malware-analysis
  Python MIT 70 516 21 0 Updated Dec 23, 2020

• capa-testfiles
  Python 11 9 0 0 Updated Dec 22, 2020

• HXTool

  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physical workstation. HXTool provides additional features and capabilities over the standard FireEye HX web user interface. HXTool uses the fully documented REST API that comes with the FireEye HX for communication w…
  JavaScript 21 21 4 0 Updated Dec 21, 2020

• sunburst_countermeasures
  YARA 151 411 5 2 Updated Dec 21, 2020

• commando-vm

  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

  windows penetration-testing red-teaming fireeye-flare
  PowerShell Apache-2.0 924 4,280 28 5 Updated Dec 20, 2020

• FIDL

  A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

  api research decompiler malware ida vulnerability reversing
  Python MIT 49 298 1 0 Updated Dec 21, 2020

• red_team_tool_countermeasures
  YARA 808 2,239 1 2 Updated Dec 18, 2020

• jest-environment-serverless

  Testing your Serverless projects with Jest the easy way!
  JavaScript MIT 6 18 6 8 Updated Dec 11, 2020

• gocrack-ui

  The User Interface for GoCrack

  fireeye-flare
  Vue MIT 38 61 0 10 Updated Dec 11, 2020

• jitm

  JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.

  hooks dotnet jit malware-analysis jit-compiler fireeye-flare
  C++ Apache-2.0 8 19 0 1 Updated Dec 11, 2020

• ThreatPursuit-VM

  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

  data-science intelligence analytics virtual-machine malware threat cyber
  PowerShell 112 724 2 1 Updated Dec 3, 2020

• stringsifter

  A machine learning tool that ranks strings based on their relevance for malware analysis.

  machine-learning strings reverse-engineering learning-to-rank malware-analysis fireeye-flare fireeye-data-science
  Python Apache-2.0 77 450 4 0 Updated Dec 2, 2020

• Vulnerability-Disclosures
  C++ 8 24 0 0 Updated Dec 1, 2020

• flare-vm

  reverse-engineering malware-analysis fireeye-flare
  PowerShell Apache-2.0 436 2,523 79 1 Updated Nov 29, 2020

• OfficePurge
  C# Apache-2.0 23 147 0 0 Updated Nov 20, 2020

• flare-fakenet-ng

  [Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool

  malware-analysis traffic-redirection fireeye-flare fakenet-ng
  Python Apache-2.0 267 1,181 42 15 Updated Nov 11, 2020

• gocrack

  GoCrack is a management frontend for password cracking tools written in Go

  fireeye-flare
  Go MIT 210 972 15 (2 issues need help) 0 Updated Nov 9, 2020

• gocat

  Provides access to libhashcat

  fireeye-flare
  Go MIT 9 15 0 0 Updated Nov 9, 2020

• flare-floss

  FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  strings malware deobfuscation fireeye-flare
  Python Apache-2.0 286 1,694 48 3 Updated Nov 7, 2020

• flare-floss-testfiles

  Resources for testing FLOSS by the FLARE team.
  C 4 1 0 0 Updated Nov 4, 2020

• flare-emu

  emulation malware-analysis fireeye-flare
  Python Apache-2.0 65 449 2 0 Updated Nov 2, 2020

• PwnAuth
  Python Apache-2.0 61 258 1 3 Updated Oct 28, 2020

• flare-ida

  IDA Pro utilities from FLARE team

  reverse-engineering ida ida-pro ida-plugin idapython fireeye-flare
  Python Apache-2.0 368 1,317 15 3 Updated Oct 28, 2020

• muse-technical-challenge

  Muse Technical Challenge Stencil Component Starter
  TypeScript 5 1 0 1 Updated Oct 25, 2020

• DFUR-Splunk-App

  The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.

  log-analysis incident-response splunk-application
  MIT 5 6 0 0 Updated Sep 9, 2020

• dod-example-apps

  Example applications for FireEye's Detection on Demand service
  Python Apache-2.0 4 5 0 0 Updated Aug 25, 2020

• fireeye-python
  Python 9 26 0 0 Updated Aug 13, 2020

• mimosa-rpm-package
  JavaScript 5 3 0 1 Updated Jul 15, 2020