Trending repositories for topic malware-analysis

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Program for determining types of files for Windows, Linux and MacOS.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

UNIX-like reverse engineering framework and command-line toolset

Defund the Police.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

The FLARE team's open-source tool to identify capabilities in executable files.

Malware Configuration And Payload Extraction

State-of-the-art native debugging tools

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Android Reverse-Engineering Workbench for VS Code

Portable Executable reversing tool with a friendly GUI

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Threa...

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A curated list of awesome YARA rules, tools, and people.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Free educational courses in reverse engineering, malware analysis, and programming

Virus - Trojans - Worms - Malwares

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

High Octane Triage Analysis

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

Malware Configuration And Payload Extraction

Program for determining types of files for Windows, Linux and MacOS.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

State-of-the-art native debugging tools

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

Android Reverse-Engineering Workbench for VS Code

A machine learning tool that ranks strings based on their relevance for malware analysis.

Portable Executable reversing tool with a friendly GUI

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

UNIX-like reverse engineering framework and command-line toolset

Program for determining types of files for Windows, Linux and MacOS.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Defund the Police.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

The FLARE team's open-source tool to identify capabilities in executable files.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Tools and Techniques for Blue Team / Incident Response

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Free educational courses in reverse engineering, malware analysis, and programming

Malware Configuration And Payload Extraction

Portable Executable reversing tool with a friendly GUI

State-of-the-art native debugging tools

A curated list of awesome YARA rules, tools, and people.

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

Reverse Engineering and Malware Analysis Roadmap

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

A curated list of awesome malware analysis tools and resources

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Free educational courses in reverse engineering, malware analysis, and programming

A curated list of awesome binary analysis automation training, resources, and tools.

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks, detec...

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Remote Access Trojan collection.(260+ RAT-Builders!)

Awesome collection of resources 😎 Work in progress🔥

A curated list of awesome Android Reverse Engineering training, resources, and tools.

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

Malware Sample Sources

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Program for determining types of files for Windows, Linux and MacOS.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

UNIX-like reverse engineering framework and command-line toolset

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

The FLARE team's open-source tool to identify capabilities in executable files.

Defund the Police.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Malware Configuration And Payload Extraction

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Tools and Techniques for Blue Team / Incident Response

State-of-the-art native debugging tools

A curated list of awesome Android Reverse Engineering training, resources, and tools.

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Reverse Engineering and Malware Analysis Roadmap

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A curated list of awesome binary analysis automation training, resources, and tools.

Free educational courses in reverse engineering, malware analysis, and programming

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...

A curated list of awesome malware analysis tools and resources

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Deep Linux runtime visibility meets Wireshark

Collection of Jupyter Notebooks by @fr0gger_

For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.

Easy-to-use IDA plugin for code emulation

Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

Deep Linux runtime visibility meets Wireshark

FLARE Team's Binary Navigator

A simple crossplatform heuristic PE-analyzer

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Reverse Engineering and Malware Analysis Roadmap

XZ backdoor reverse engineering

A collection of modules and scripts to help with analyzing Nim binaries

Symbol Recovery Tool for Nuitka Binaries

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

A simple commandline application to automatically decrypt strings from Obfuscator protected binaries

ThingFinder is a tool designed to facilitate searching and analysing code, whether it's source code or compiled binary executables. It provides a modular interface for adding new parsers for identifyi...

No description

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

UNIX-like reverse engineering framework and command-line toolset

Program for determining types of files for Windows, Linux and MacOS.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Defund the Police.

The FLARE team's open-source tool to identify capabilities in executable files.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

IntelOwl: manage your Threat Intelligence at scale

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

Tools and Techniques for Blue Team / Incident Response

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware Configuration And Payload Extraction

State-of-the-art native debugging tools

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Portable Executable reversing tool with a friendly GUI

A curated list of awesome YARA rules, tools, and people.

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.

Deep Linux runtime visibility meets Wireshark

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

#supply #chain #attack #detection

FLARE Team's Binary Navigator

Native Python3 bindings for @horsicq's Detect-It-Easy

Free educational courses in reverse engineering, malware analysis, and programming

XZ backdoor reverse engineering

A curated list of awesome binary analysis automation training, resources, and tools.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Extracted Yara rules from Windows Defender mpavbase and mpasbase

This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.

Android malware source code dataset collected from public resources.

MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analyzes headers, APIs, and strings, giving quick insights for threa...

A book covering the whole spectrum of Malware

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Anomaly based Malware Detection using Machine Learning (PE and URL)