Josh Stroschein (@jstrosch)
  • Stars 1,699
  • Global Rank 18,182 (Top 0.7 %)
  • Followers 459
  • Following 22
  • Registered over 12 years ago
  • Most used languages
    Python 60.0 %
    C 13.3 %
    C# 6.7 %
    C++ 6.7 %
    HTML 6.7 %
    YARA 6.7 %
  • Location 🇺🇸 United States
  • Country Total Rank 5,643
  • Country Ranking
    YARA 36
    HTML 221
    C# 1,109
    C 1,468
    Python 7,027

Top repositories

1

malware-samples

Malware samples, analysis exercises and other interesting resources.
HTML
1,214
star
2

learning-reverse-engineering

This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
C
163
star
3

learning-malware-analysis

This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
C#
161
star
4

subparse

Modular malware analysis artifact collection and correlation framework
Python
52
star
5

XOR-Decode-Strings-IDA-Plugin

This IDA Python plugin is intended to get you started creating IDA Plugins with Python, recognize the importance of deobfuscating strings and work on translating assembly to a higher-level language (i.e. Python).
Python
25
star
6

graph-maldoc-similar-images

A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster visually similar images together. The script computes the Average Hash of each extracted image, then graphs the images if they meet the similarity threshold. The script can be used as a technique for visually identifying malware campaigns involving documents. To use the script, supply a directory containing OOXML files. If LibreOffice is in your PATH you can optionally convert non-OOXML Word, Excel, PowerPoint and Rich Text File documents to OOXML. The script outputs DOT files that can be exported as images using Graphviz. If Graphviz is in your PATH you can also export to an SVG (preferred) or PNG image.
Python
18
star
7

search-abuse.ch

Python3 script that can download samples directly from Abuse.CH or via submitted URLs
Python
15
star
8

Username_Generator

A Burp Extension that parses emails from HTTP content and can optionally generate usernames.
Python
8
star
9

shodan-scan-wrapper

Python3 script that wraps Shodan CLI - it resolves a domain to an IP and then performs a scan
Python
8
star
10

hybrid-analysis-api

This is a small Python3 script that allows you to search and download samples from Hybrid Analysis' v2 API
Python
7
star
11

malware-signatures

A collection of various signatures that I have either found or created, useful for malware analysis.
YARA
5
star
12

Rapid-Tool-Development

This repository contains programs for CSC 842.
Python
4
star
13

Academic

This is a repository for a variety of academic projects
C
4
star
14

ps-suricata-lab

3
star
15

emotet-droppers-fall2019

Python3 script that deobfuscates and then decodes a base64 string that contains a PowerShell script and extracts the URLs used to download Emotet binaries
Python
2
star
16

learning-software-exploitation

This repository contains sample code, projects and lab walk-throughs to help learn software exploitation.
2
star
17

CSC-840

C++
1
star