diff --git a/src/_releases/github.com/dod-cyber-crime-center/dc3-mwcp.json b/src/_releases/github.com/dod-cyber-crime-center/dc3-mwcp.json
new file mode 100644
index 0000000..8b5e2d8
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/dc3-mwcp.json
@@ -0,0 +1,39 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "DC3 Malware Configuration Parser (DC3-MWCP)",
+ "description": "DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted from malware includes items such as addresses, passwords, filenames, and mutex names.",
+ "tags": [
+ "automation",
+ "config-dump",
+ "framework",
+ "malware-analysis",
+ "malware-automation",
+ "python"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python",
+ "HTML",
+ "CSS"
+ ],
+ "laborHours": 5616,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/DC3-MWCP",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/DC3-MWCP/blob/master/LICENSE.txt",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2017-04-18",
+ "lastModified": "2023-12-05",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
diff --git a/src/_releases/github.com/dod-cyber-crime-center/dc3dd.json b/src/_releases/github.com/dod-cyber-crime-center/dc3dd.json
new file mode 100644
index 0000000..e07ce41
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/dc3dd.json
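Review bot: dc3-mwcp.json ends without a trailing newline (`\ No newline at end of file` follows the closing `}`), and the same holds for the other six release files added in this commit (dc3dd, dragodis, kordesii, pyhidra, rugosa, sqlite-dissect). End each file with a single newline after the final `}` so that later edits produce clean one-line diffs. It also stops line-oriented tooling from joining the last line with whatever follows it.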
@@ -0,0 +1,35 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "dc3dd",
+ "description": "A version of the GNU dd program, this version has several features intended for forensic acquisition of data. Highlights include hashing on-the-fly, split output files, pattern writing, a progress meter, and file verification.",
+ "tags": [
+ "digital-forensics"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "svn",
+ "languages": [
+ "C"
+ ],
+ "laborHours": 1039,
+ "repositoryURL": "https://sourceforge.net/projects/dc3dd/",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://www.gnu.org/licenses/old-licenses/fdl-1.2.en.html",
+ "name": "GNU General Public License v1.2"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "additional_information": {
+ "additional_notes": "The hours recorded for this effort only include information after 2013"
+ },
+ "date": {
+ "created": "2008-02-01",
+ "lastModified": "2023-04-25",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
diff --git a/src/_releases/github.com/dod-cyber-crime-center/dragodis.json b/src/_releases/github.com/dod-cyber-crime-center/dragodis.json
new file mode 100644
index 0000000..ca9c9c6
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/dragodis.json
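Review bot: The license entry in dc3dd.json contradicts itself: `name` says `GNU General Public License v1.2`, but `URL` points at `fdl-1.2.en.html`, which is the GNU Free Documentation License 1.2, and no GPL version 1.2 exists. Anyone relying on this record for license inventory or compliance review of a forensic acquisition tool gets a wrong answer from either field. Check the license file shipped with the dc3dd source and make both fields agree with it. If it is GPLv3, which I would expect for a GNU `dd` derivative but cannot confirm from this diff, that would be `"URL": "https://www.gnu.org/licenses/gpl-3.0.html"` and `"name": "GPL-3.0"`.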
@@ -0,0 +1,37 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "Dragodis",
+ "description": "Dragodis is a Python framework which allows for the creation of universal disassembler scripts.",
+ "tags": [
+ "automation",
+ "ghidra",
+ "ida",
+ "malware-analysis",
+ "malware-automation",
+ "python"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python"
+ ],
+ "laborHours": 1664,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/Dragodis",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/Dragodis/blob/master/LICENSE.txt",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2022-06-27",
+ "lastModified": "2023-12-05",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
diff --git a/src/_releases/github.com/dod-cyber-crime-center/kordesii.json b/src/_releases/github.com/dod-cyber-crime-center/kordesii.json
new file mode 100644
index 0000000..f28e500
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/kordesii.json
@@ -0,0 +1,32 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "Kordesii",
+ "description": "DC3-Kordesii is a framework for decoding encoded strings and files in malware via IDA Pro IDAPython scripting.",
+ "tags": [
+ "Python"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python"
+ ],
+ "laborHours": 249,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/kordesii",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/kordesii/blob/master/LICENSE.txt",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2020-06-11",
+ "lastModified": "2023-12-05",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
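Review bot: In kordesii.json the only tag is `"Python"`, which just repeats the `languages` entry and is capitalised, while the other release files in this commit use lowercase topical tags such as `malware-analysis` and `python`. If the catalogue filters or groups by tag with a case-sensitive match (not visible in this diff), this tool will not be listed alongside the related DC3 malware-analysis tools. Suggest `"tags": ["ida", "malware-analysis", "python", "string-decode"]`, reusing tags already present in dragodis.json and rugosa.json.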
diff --git a/src/_releases/github.com/dod-cyber-crime-center/pyhidra.json b/src/_releases/github.com/dod-cyber-crime-center/pyhidra.json
new file mode 100644
index 0000000..07a4c99
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/pyhidra.json
@@ -0,0 +1,38 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "Pyhidra",
+ "description": "Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.",
+ "tags": [
+ "automation",
+ "ghidra",
+ "malware-analysis",
+ "malware-research",
+ "python"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python",
+ "Java",
+ "C"
+ ],
+ "laborHours": 1248,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/pyhidra",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/pyhidra/blob/master/LICENSE",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2022-09-28",
+ "lastModified": "2024-01-30",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
diff --git a/src/_releases/github.com/dod-cyber-crime-center/rugosa.json b/src/_releases/github.com/dod-cyber-crime-center/rugosa.json
new file mode 100644
index 0000000..3a65c87
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/rugosa.json
@@ -0,0 +1,38 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "Rugosa",
+ "description": "The next generation of kordesii. This is a library (not a framework) for managing emulation and provides utilities for interfacing with decompiled malware samples using dragodis.",
+ "tags": [
+ "automation",
+ "emulation",
+ "malware-analysis",
+ "malware-automation",
+ "python",
+ "string-decode"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python",
+ "Java"
+ ],
+ "laborHours": 1664,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/rugosa",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/rugosa/blob/master/LICENSE.txt",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2022-09-16",
+ "lastModified": "2023-12-05",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
diff --git a/src/_releases/github.com/dod-cyber-crime-center/sqlite-dissect.json b/src/_releases/github.com/dod-cyber-crime-center/sqlite-dissect.json
new file mode 100644
index 0000000..cf401c7
--- /dev/null
+++ b/src/_releases/github.com/dod-cyber-crime-center/sqlite-dissect.json
@@ -0,0 +1,36 @@
+{
+ "organization": "Department of Defense Cyber Crime Center (DC3)",
+ "name": "SQLite Dissect",
+ "description": "SQLite Dissect is a SQLite parser with recovery abilities over SQLite databases and their accompanying journal files.",
+ "tags": [
+ "data-recovery",
+ "forensic",
+ "python",
+ "sqlite"
+ ],
+ "contact": {
+ "email": "dc3.information@us.af.mil"
+ },
+ "status": "Production",
+ "vcs": "git",
+ "languages": [
+ "Python",
+ "SQLite"
+ ],
+ "hours": 1638,
+ "repositoryURL": "https://github.com/dod-cyber-crime-center/sqlite-dissect",
+ "permissions": {
+ "licenses": [
+ {
+ "URL": "https://github.com/dod-cyber-crime-center/sqlite-dissect/blob/master/LICENSE.txt",
+ "name": "MIT"
+ }
+ ],
+ "usageType": "openSource"
+ },
+ "date": {
+ "created": "2021-07-29",
+ "lastModified": "2022-05-26",
+ "metadataLastUpdated": "2024-02-08"
+ }
+}
\ No newline at end of file
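Review bot: sqlite-dissect.json records the effort as `"hours": 1638`, where the other six files added in this commit use the key `laborHours`. A consumer that reads `laborHours` will see the value as missing for this project. If the site validates these files against a schema that requires the field (not visible in this diff), the record would be rejected or silently skipped. Rename the key so the record matches its siblings: `"laborHours": 1638,`.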