"Open" software rooted in CERT.at's daily work is listed here, together with short descriptions.
This tool processes Sysinternals Process Monitor (Procmon) logfiles and PCAP logs (WinDump, tcpdump) to generate a graph with the GraphViz suite. The graph visualizes the relevant activities (which activities count as relevant is customizable) and can be analyzed interactively.
This tool calculates a density measure (similar to entropy) for every file under a given file-system path and outputs a list sorted in descending order of density. This makes it possible to quickly find (even unknown) malware on a potentially infected Microsoft Windows machine.
Software and tips for easily building an automated malware analysis station, based on the concept introduced in the paper "Mass Malware Analysis: A Do-It-Yourself Kit".
A tool for generating byte-usage histograms for all types of files, with a special focus on binary executables in PE format (Windows).