Stars
Rust components for assemblyline
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
Assemblyline 4 service that leverages the CAPA open source tool
Assemblyline 4 service for badlisting network and file features
QuickSand document and PDF malware analysis tool written in Python
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques implemented by malicious documents.
kirk-sayre-work / box-js
Forked from CapacitorSet/box-js
A tool for studying JavaScript malware.
AutoIt unpacker service
Assemblyline 4 service which submits a file or URL to MetaDefender Sandbox
A True Instrumentable Binary Emulation Framework
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Python implementation of the CaRT library for (un)inerting files.
IntelOwl: manage your Threat Intelligence at scale
Assemblyline 4 JavaScript emulation and static analysis service
Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems.
Assemblyline 4 service that specializes in judging network IOCs
Statistical learning algorithm that builds a model of the command lines in "Process Creation" events, in order to detect anomalies in future events
Anything Sysmon related from the MSTIC R&D team
A library containing common methods and classes that are used across Assemblyline 4 services
A JavaScript implementation of various web standards, for use with Node.js