"Open" software rooted in CERT.at's daily work can be found here, together with descriptions.


ProcDOT

This tool processes Sysinternals Process Monitor (Procmon) log files and PCAP logs (Windump, Tcpdump) to generate a graph via the GraphViz suite. The graph visualizes the relevant activities (customizable) and can be analyzed interactively.



DensityScout

This tool calculates the density (a measure similar to entropy) of the files under any file-system path and outputs a list ordered accordingly in descending order. This makes it possible to quickly find (even unknown) malware on a potentially infected Microsoft Windows machine.



Minibis

Software and tips for easily building an automated malware analysis station, based on a concept introduced in the paper "Mass Malware Analysis: A Do-It-Yourself Kit".



Bytehist

A tool for generating byte-usage histograms for all types of files, with a special focus on binary executables in PE format (Windows).
