Tai-e – An Easy-To-Learn/Use Static Analysis Framework For Java

Tai-e What is Tai-e? Tai-e (Chinese: 太阿; pronunciation: [ˈtaɪə:]) is a new static analysis framework for Java (please see our technical report for details), which features arguably the “best” designs from both the novel ones we proposed and those of classic frameworks such as Soot, WALA, Doop, and SpotBugs. Tai-e is easy-to-learn, easy-to-use, efficient, andRead More

Fuzzable – Framework For Automating Fuzzable Target Discovery With Static Analysis

Framework for Automating Fuzzable Target Discovery with Static Analysis. Introduction Vulnerability researchers conducting security assessments on software will often harness the capabilities of coverage-guided fuzzing through powerful tools like AFL++ and libFuzzer. This is important as it automates the bughunting process and reveals exploitable conditions in targets quickly. However, when encountering large and complex codebasesRead More

Subparse – Modular Malware Analysis Artifact Collection And Correlation Framework

Subparse, is a modular framework developed by Josh Strochein, Aaron Baker, and Odin Bernstein. The framework is designed to parse and index malware files and present the information found during the parsing in a searchable web-viewer. The framework is modular, making use of a core parsing engine, parsing modules, and a variety of enrichers thatRead More

nuvola – Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services

nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom rules created using a simple Yaml syntax. The general idea behind this project is to create an abstracted digital twin of a cloud platform. For a moreRead More

Appshark – Static Taint Analysis Platform To Scan Vulnerabilities In An Android App

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version of JDK — JDK 11. After testing, it does not work on other LTS versions, JDK 8 and JDK 16, due to the dependency compatibility issue. Building/Compiling AppShark We assume that you are working inRead More

Kam1n0 – Assembly Analysis Platform

Kam1n0 v2.x is a scalable assembly management and analysis platform. It allows a user to first index a (large) collection of binaries into different repositories and provide different analytic services such as clone search and classification. It supports multi-tenancy access and management of assembly repositories by using the concept of Application. An application instance containsRead More

Packj – Large-Scale Security Analysis Platform To Detect Malicious/Risky Open-Source Packages

Packj (pronounced package) is a command line (CLI) tool to vet open-source software packages for “risky” attributes that make them vulnerable to supply chain attacks. This is the tool behind our large-scale security analysis platform Packj.dev that continuously vets packages and provides free reports. How to use Packj accepts two input args: name of theRead More

Secretflow – A Unified Framework For Privacy-Preserving Data Analysis And Machine Learning

SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning. To achieve this goal, it provides: An abstract device layer consists of plain devices and secret devices which encapsulate various cryptographic protocols. A device flow layer modeling higher algorithms as device object flow and DAG. An algorithm layer to do data analysis andRead More

Norimaci – Simple And Lightweight Malware Analysis Sandbox For macOS

[*] “Norimaci” is a simple and lightweight malware analysis sandbox for macOS. This tool was inspired by “Noriben“. Norimaci uses the features of OpenBSM or Monitor.app to monitor macOS system activity instead of Sysinternals Process Monitor (procmon). Norimaci consists of 3 Python scripts. norimaci.py : Main script openbsmconv.py : OpenBSM audit log converter monitorappconv.py :Read More

DroidDetective – A Machine Learning Malware Analysis Framework For Android Apps

A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications (APKs) for potential malware related behaviour and configurations. When provided with a path to an application (APK file) Droid Detective will make a prediction (using it’s ML model) of if the application is malicious. Features and qualitiesRead More