Detection and Classification أدوات كشف تلغيم والفيروسات

[tenzensow]

 Antivirus and other malware identification tools

https://github.com/hiddenillusion/AnalyzePE]AnalyzePE

 - Wrapper for a variety of tools for reporting on Windows PE files.

https://bitbucket.org/cse-assemblyline/assemblyline]Assemblyline

 - A scalable distributed file analysis framework.

https://github.com/airbnb/binaryalert]BinaryAlert

 - An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of YARA rules.

http://www.chkrootkit.org/]chkrootkit

 - Local Linux rootkit detection.

http://www.clamav.net/]ClamAV

 - Open source antivirus engine.

https://github.com/horsicq/Detect-It-Easy]Detect-It-Easy

 - A program for determining types of files.

http://exeinfo.pe.hu/]Exeinfo PE

 - Packer, compressor detector, unpack info, internal exe tools.

https://sno.phy.queensu.ca/~phil/exiftool/]ExifTool

 - Read, write and edit file metadata.

https://github.com/EmersonElectricCo/fsf]File Scanning Framework

 - Modular, recursive file scanning solution.

https://github.com/uppusaikiran/generic-parser]Generic File Parser

 - A Single Library Parser to extract meta information,static analysis and detect macros within the files.

https://github.com/jessek/hashdeep]hashdeep

 - Compute digest hashes with a variety of algorithms.

https://github.com/gurnec/HashCheck]HashCheck

 - Windows shell extension to compute hashes with a variety of algorithms.

https://github.com/Neo23x0/Loki]Loki

 - Host based scanner for IOCs.

https://github.com/Dynetics/Malfunction]Malfunction

 - Catalog and compare malware at a function level.

https://github.com/JusticeRage/Manalyze]Manalyze

 - Static analyzer for PE executables.

https://github.com/KoreLogicSecurity/mastiff]MASTIFF

 - Static analysis framework.

https://github.com/mitre/multiscanner]MultiScanner

 - Modular file scanning/analysis framework

https://github.com/rjhansen/nsrllookup]nsrllookup

 - A tool for looking up hashes in NIST's National Software Reference Library database.

http://handlers.sans.org/jclausing/packerid.py]packerid

 - A cross-platform Python alternative to PEiD.

https://hshrzd.wordpress.com/pe-bear/]PE-bear

 - Reversing tool for PE files.

http://pev.sourceforge.net/]PEV

 - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries.

http://rkhunter.sourceforge.net/]Rootkit Hunter

 - Detect Linux rootkits.

https://ssdeep-project.github.io/ssdeep/]ssdeep

 - Compute fuzzy hashes.

https://gist.github.com/gleblanc1783/3c8e6b379fa9d646d401b96ab5c7877f]totalhash.py

 - Python script for easy searching of the 

https://totalhash.cymru.com/]TotalHash.cymru.com

 database.

http://mark0.net/soft-trid-e.html]TrID

 - File identifier.

https://github.com/uppusaikiran/virustotal-falsepositive-detector]virustotal-falsepositive-detector

 - A Tool to Analyze Virustotal Reports to Find Potential False Positives based on similarity of Detection Naming.

https://plusvic.github.io/yara/]YARA

 - Pattern matching tool for analysts.

https://github.com/Neo23x0/yarGen]Yara rules generator

 - Generate yara rules based on a set of malware samples. Also contains a good strings DB to avoid false positives.

https://github.com/uppusaikiran/yara-finder]Yara Finder

 - A simple tool to yara match the file against various yara rules to find the indicators of suspicion