Trending repositories for topic malware-analysis
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
Program for determining types of files for Windows, Linux and MacOS.
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
For educational purposes only, samples of 400+ classic/modern trojan builders including screenshots.
The FLARE team's open-source tool to identify capabilities in executable files.
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
LIEF - Library to Instrument Executable Formats (C++, Python, Rust)
30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, ...
A curated list of awesome Memory Forensics for DFIR
Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks, detec...
Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
UNIX-like reverse engineering framework and command-line toolset
Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers
IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
A list of 350+ free TryHackMe rooms to start learning cybersecurity with THM
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
A machine learning tool that ranks strings based on their relevance for malware analysis.
Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
A powerful and open-source toolkit for hackers and security automation - a collection of open-source scanners developed in-house by security industry practitioners
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...
Public repository containing materials for various malware-related streams.
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
A curated list of awesome malware analysis tools and resources
A collection of modules and scripts to help with analyzing Nim binaries
Resources for learning malware analysis and reverse engineering
Android malware source code dataset collected from public resources.
SEMA is based on angr, a symbolic execution engine used to extract API calls. In particular, we extend angr with strategies to create representative signatures based on System Call Dependency graph (SC...
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
A cli script to analyze an E-Mail in the EML format for viewing the header, extracting attachments, etc.
GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.
Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!
A collection of malware families and malware samples which use the Rust programming language.
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs for malware analysis.
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
This repo contains IOC, malware and malware analysis associated with Public cloud
Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.
Automatically identify and extract potential anti-debugging techniques used by malware.
Anomaly-based Malware Detection using Machine Learning (PE and URL)
Covers various security approaches to attack techniques and also provides new discoveries about security breaches.
MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analyzes headers, APIs, and strings, giving quick insights for threa...