Trending repositories for topic malware-analysis
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
Program for determining types of files for Windows, Linux and MacOS.
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
The FLARE team's open-source tool to identify capabilities in executable files.
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
The fastest and most powerful Android decompiler (native tool working without Java VM) for APK, DEX, ODEX, OAT, JAR, AAR, and CLASS files, which supports malicious behavior detection, privacy leakin...
A curated list of awesome Android Reverse Engineering training, resources, and tools.
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
A curated list of awesome resources related to executable packing
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and disassembles hooks, shel...
MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
Anomaly based Malware Detection using Machine Learning (PE and URL)
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
A list of 350+ free TryHackMe rooms to start learning cybersecurity with THM
A curated list of awesome resources related to executable packing
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
A library for creating, reading and editing PE files and .NET modules.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
A collection of software installation scripts for Windows systems that allow you to easily set up and maintain a reverse engineering environment on a VM.
Program for determining types of files for Windows, Linux and MacOS.
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
A list of 350+ free TryHackMe rooms to start learning cybersecurity with THM
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
A curated list of awesome resources related to executable packing
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...
A curated list of awesome Android Reverse Engineering training, resources, and tools.
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and disassembles hooks, shel...
MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...
A list of 350+ free TryHackMe rooms to start learning cybersecurity with THM
There are many powerful viruses 💀 that can damage your PC in a matter of seconds. Batch file virus to gain full access to another computer. This repo is a collection of fun little viruses that pack a...
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
A curated list of awesome Memory Forensics for DFIR
A curated list of awesome resources related to executable packing
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
Program for determining types of files for Windows, Linux and MacOS.
A collection of software installation scripts for Windows systems that allow you to easily set up and maintain a reverse engineering environment on a VM.
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
The FLARE team's open-source tool to identify capabilities in executable files.
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and environment variables. Dumps, detects and disassembles hooks, shel...
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...
MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery
A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a directory, suitable for purposes like malware analysis.
A curated list of awesome malware analysis tools and resources
Hiew External Module (HEM) to calculate CRC-32, MD5, SHA-1, and SHA-256 hashes of a given file/block
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
A list of 350+ free TryHackMe rooms to start learning cybersecurity with THM
GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!
A collection of modules and scripts to help with analyzing Nim binaries
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
Program for determining types of files for Windows, Linux and MacOS.
The FLARE team's open-source tool to identify capabilities in executable files.
A collection of software installation scripts for Windows systems that allow you to easily set up and maintain a reverse engineering environment on a VM.
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed by security industry practitioners
GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
Single file php webshell scanner to detect potentially malicious backdoor based on token and hash with web interface and VirusTotal integration. Subscribe to get API Key
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
Anomaly based Malware Detection using Machine Learning (PE and URL)
Android malware source code dataset collected from public resources.
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SC...
MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analyzes headers, APIs, and strings, giving quick insights for threa...
This is not a crack and not a reverse either. Lockbit RW Source codes have been completely leaked. I'm sharing it so that you don't pay for such things for nothing.
Software installation scripts for macOS systems that allow you to set up a Virtual Machine (VM) for reverse engineering macOS malware