Cyber Threat Intelligence and Detection

Tools for threat intelligence, malicious documents and PDF analysis.


The Cryptam command line tool is used to analyze documents for embedded executables, to scan for known exploits and identify suspicious elements of new threa...


Threat Hunting with Zeek (formerly Bro) and MISP


The PDFExaminer command line scanner is a tool to process PDF documents for decompression, decryption, and deobfuscation, to scan for known exploits and iden...


QuickSand is a new Python-based analysis framework to analyze suspected malware documents to identify exploits in streams of different encodings or compressi...