Trending repositories for topic malware-analysis
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
UNIX-like reverse engineering framework and command-line toolset
The FLARE team's open-source tool to identify capabilities in executable files.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
Program for determining types of files for Windows, Linux and MacOS.
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to wor...
Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.
A collection of malware samples caught by several honeypots I manage
A collection of modules and scripts to help with analyzing Nim binaries
Single PHP file to detect potentially malicious threats based on token and hash with web interface and VirusTotal integrations
Anomaly based Malware Detection using Machine Learning (PE and URL)
This project aims at simplifying Windows API import recovery on arbitrary memory dumps
Malware samples for analysis, researchers, anti-virus and system protection testing (1600+ Malware-samples!).
Toolkit for enriching and speeding up static malware analysis
a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM
Bringing you the best of the worst files on the Internet.
A suite for hunting suspicious targets, expose domains and phishing discovery
A lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
A curated list of awesome resources related to executable packing
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
My new malware database, the old one is now archived and all my new malwares will be uploaded here instead. As always, this is made for educational purposes only, I'm not responsible for any damages
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.
Automatically identify and extract potential anti-debugging techniques used by malware.
Full source of the Conti Ransomware Including the missing Locker files from the original leak. I have fixed some of the errors intentionally introduced by the leaker to prevent the locker from being b...
This repo contains live malware samples. Be careful with them or you can lose all your data! For educational purposes only! This repo is an old mess, I know. This repo will be archived and not updated a...
A curated list of awesome Memory Forensics for DFIR
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
The fastest and most powerful Android decompiler (a native tool working without a Java VM) for APK, DEX, ODEX, OAT, JAR, AAR, and CLASS files, which supports malicious behavior detection, privacy leakin...
enumerate binary capabilities, including malicious behaviors
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
A collection of malware families and malware samples which use the Rust programming language.
This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
Code written as part of our various malware investigations
Cover various security approaches to attack techniques and also provides new discoveries about security breaches.
Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!
SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs for malware analysis.
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
This x64dbg plugin allows you to upload your sample to Malcore and view the results.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Curating Falco rules with MITRE ATT&CK Matrix
A curated list of tools useful within the field of cyber security, for both blue and red team operations.