awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

23 Repos

Awesome GitHub RepositoriesDetection and Classification

Tools for identifying, scanning, and analyzing suspicious files.

Explore 23 awesome GitHub repositories matching part of an awesome list · Detection and Classification. Refine with filters or upvote what's useful.

Awesome Detection and Classification GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • horsicq/detect-it-easyAvatar von horsicq

    horsicq/Detect-It-Easy

    10,266Auf GitHub ansehen↗

    Detect-It-Easy is a binary file identifier and analysis toolkit designed to determine file formats, compilers, and packers. It functions as a binary file identifier that utilizes signature matching and heuristic analysis to identify executable and archive formats. The project includes a custom file signature engine and a scriptable rule system for defining and applying detection logic to identify specific binary patterns. It features specialized detectors for Android packages, such as APK and DEX files, and a malware packer detector to identify protections, obfuscators, and virus families. T

    Identifies file types, compilers, and linkers.

    JavaScriptbinary-analysisdebuggerdetect
    Auf GitHub ansehen↗10,266
  • fireeye/capaAvatar von fireeye

    fireeye/capa

    6,062Auf GitHub ansehen↗

    capa is a static analysis tool that scans executable files to identify what a program can do, detecting capabilities such as API calls, byte sequences, and structural patterns without executing the code. It supports multiple file formats including PE, ELF, .NET, and shellcode, and can also process runtime behavior traces from sandbox reports generated by CAPE, DRAKVUF, or VMRay. The tool integrates directly with reverse engineering environments through plugins for IDA Pro and Ghidra, allowing analysts to view capability matches and author detection rules within their disassembler of choice. C

    Detects capabilities and behaviors in executable files.

    Python
    Auf GitHub ansehen↗6,062
  • neo23x0/lokiAvatar von Neo23x0

    Neo23x0/Loki

    3,763Auf GitHub ansehen↗

    Loki is an endpoint detection tool, forensic artifact analyzer, and threat intelligence scanner. It functions as a YARA-based indicator of compromise scanner designed to identify malicious persistence mechanisms, web shells, and unauthorized administration tools across local and remote systems. The project distinguishes itself by integrating multi-source threat intelligence, allowing for the loading of custom signature sets and encrypted indicators. It combines hash-based artifact detection with YARA rule execution to scan files, process memory, and registry hives for known malicious byte seq

    Host-based scanner for detecting known IOCs.

    Python
    Auf GitHub ansehen↗3,763
  • gurnec/hashcheckAvatar von gurnec

    gurnec/HashCheck

    2,046Auf GitHub ansehen↗

    HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org

    Windows shell extension for computing file hashes.

    C
    Auf GitHub ansehen↗2,046
  • neo23x0/yargenAvatar von Neo23x0

    Neo23x0/yarGen

    1,796Auf GitHub ansehen↗

    yarGen is a generator for YARA rules

    Generates YARA rules from malware samples.

    Python
    Auf GitHub ansehen↗1,796
  • cmu-sei/pharosAvatar von cmu-sei

    cmu-sei/pharos

    1,708Auf GitHub ansehen↗

    Automated static analysis tools for binary programs

    Generates YARA signatures for functions within executables.

    C++
    Auf GitHub ansehen↗1,708
  • quark-engine/quark-engineAvatar von quark-engine

    quark-engine/quark-engine

    1,687Auf GitHub ansehen↗

    Scoring system for Android malware based on obfuscation analysis.

    Python
    Auf GitHub ansehen↗1,687
  • airbnb/binaryalertAvatar von airbnb

    airbnb/binaryalert

    1,450Auf GitHub ansehen↗

    BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

    Serverless pipeline for scanning files using YARA rules.

    Python
    Auf GitHub ansehen↗1,450
  • justicerage/manalyzeAvatar von JusticeRage

    JusticeRage/Manalyze

    1,124Auf GitHub ansehen↗

    A static analyzer for PE executables.

    Static analysis tool for PE executables.

    YARA
    Auf GitHub ansehen↗1,124
  • jessek/hashdeepAvatar von jessek

    jessek/hashdeep

    781Auf GitHub ansehen↗

    This is md5deep, a set of cross-platform tools to compute hashes, or message digests, for any number of files while optionally recursively digging through the directory structure. It can also take a list of known hashes and display the filenames of input files whose hashes either do or do not…

    Computes multiple hash digests for file verification.

    C++
    Auf GitHub ansehen↗781
  • guelfoweb/peframeAvatar von guelfoweb

    guelfoweb/peframe

    628Auf GitHub ansehen↗

    PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

    Performs static analysis on PE files and Office documents.

    YARA
    Auf GitHub ansehen↗628
  • mitre/multiscannerAvatar von mitre

    mitre/multiscanner

    622Auf GitHub ansehen↗

    Modular file scanning/analysis framework

    Modular framework for file scanning and analysis.

    Python
    Auf GitHub ansehen↗622
  • horsicq/nauz-file-detectorAvatar von horsicq

    horsicq/Nauz-File-Detector

    574Auf GitHub ansehen↗

    Linker/Compiler/Tool detector for Windows, Linux and MacOS.

    Detects compilers and linkers for various operating systems.

    C++
    Auf GitHub ansehen↗574
  • katjahahn/portexAvatar von katjahahn

    katjahahn/PortEx

    532Auf GitHub ansehen↗

    Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

    Java library for analyzing PE files and malformations.

    Scala
    Auf GitHub ansehen↗532
  • emersonelectricco/fsfAvatar von EmersonElectricCo

    EmersonElectricCo/fsf

    294Auf GitHub ansehen↗

    File Scanning Framework

    Modular solution for recursive file scanning.

    Python
    Auf GitHub ansehen↗294
  • hiddenillusion/analyzepeAvatar von hiddenillusion

    hiddenillusion/AnalyzePE

    210Auf GitHub ansehen↗

    Wraps around various tools and provides some additional checks/information to produce a centralized report of a PE file.

    Wrapper for reporting on Windows PE file characteristics.

    Python
    Auf GitHub ansehen↗210
  • dynetics/malfunctionAvatar von Dynetics

    Dynetics/Malfunction

    192Auf GitHub ansehen↗

    Malware Analysis Tool using Function Level Fuzzy Hashing

    Compares malware samples at the function level.

    Python
    Auf GitHub ansehen↗192
  • korelogicsecurity/mastiffAvatar von KoreLogicSecurity

    KoreLogicSecurity/mastiff

    185Auf GitHub ansehen↗

    Malware static analysis framework

    Framework for automated static analysis.

    Python
    Auf GitHub ansehen↗185
  • rjhansen/nsrllookupAvatar von rjhansen

    rjhansen/nsrllookup

    115Auf GitHub ansehen↗

    Checks with NSRL RDS servers looking for for hash matches

    Queries NIST's software reference library for file hashes.

    C++
    Auf GitHub ansehen↗115
  • sooshie/packeridAvatar von sooshie

    sooshie/packerid

    50Auf GitHub ansehen↗

    Fork of packerid.py

    Cross-platform tool for identifying file packers.

    Python
    Auf GitHub ansehen↗50
Vorherige12Nächste
  1. Home
  2. Part of an Awesome List
  3. Developer Tools
  4. Detection and Classification