Trending repositories for topic malware-analysis

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Program for determining types of files for Windows, Linux and MacOS.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Defund the Police.

Malware Configuration And Payload Extraction

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

IntelOwl: manage your Threat Intelligence at scale

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...

:wolf: Malware analysis platform

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Reverse Engineering and Malware Analysis Roadmap

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Conjunto de manuales para reversa/analisis/cracking

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A curated list of awesome malware analysis tools and resources

Configuration Extractors for Malware

:wolf: Malware analysis platform

Malware samples for analysis, researchers, anti-virus and system protection testing (1600+ Malware-samples!).

A curated list of awesome Memory Forensics for DFIR

Dynamic unpacker based on PE-sieve

Malware Configuration And Payload Extraction

All-in-One malware analysis tool.

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, ...

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

A curated list of awesome Android Reverse Engineering training, resources, and tools.

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

UNIX-like reverse engineering framework and command-line toolset

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Program for determining types of files for Windows, Linux and MacOS.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Defund the Police.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware Configuration And Payload Extraction

State-of-the-art native debugging tools

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...

Portable Executable reversing tool with a friendly GUI

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

The FLARE team's open-source tool to identify capabilities in executable files.

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Reverse Engineering and Malware Analysis Roadmap

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

A curated list of awesome malware analysis tools and resources

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...

Free educational courses in reverse engineering, malware analysis, and programming

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Conjunto de manuales para reversa/analisis/cracking

Malware samples for analysis, researchers, anti-virus and system protection testing (1600+ Malware-samples!).

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Cross-platform library for parsing and building PE\PE+ formats

Livro: Engenharia Reversa - Fundamentos e Prática

Configuration Extractors for Malware

A curated list of awesome Memory Forensics for DFIR

Cybersecurity research results. Simple C/C++ and Python implementations

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Program for determining types of files for Windows, Linux and MacOS.

UNIX-like reverse engineering framework and command-line toolset

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Defund the Police.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

The FLARE team's open-source tool to identify capabilities in executable files.

Malware Configuration And Payload Extraction

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

State-of-the-art native debugging tools

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Tools and Techniques for Blue Team / Incident Response

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Just another malware database.

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

LummaC2 extracted binaries by reversing & LummaC2 Stealer Analysis

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Reverse Engineering and Malware Analysis Roadmap

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A curated list of awesome malware analysis tools and resources

Free educational courses in reverse engineering, malware analysis, and programming

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...

This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might w...

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

Collection of Jupyter Notebooks by @fr0gger_

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

Deep Linux runtime visibility meets Wireshark

FLARE Team's Binary Navigator

A simple crossplatform heuristic PE-analyzer

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Reverse Engineering and Malware Analysis Roadmap

XZ backdoor reverse engineering

A collection of modules and scripts to help with analyzing Nim binaries

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

Symbol Recovery Tool for Nuitka Binaries

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Sanctum is a proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to anyone's system.

A simple commandline application to automatically decrypt strings from Obfuscator protected binaries

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

UNIX-like reverse engineering framework and command-line toolset

Program for determining types of files for Windows, Linux and MacOS.

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Defund the Police.

The FLARE team's open-source tool to identify capabilities in executable files.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

IntelOwl: manage your Threat Intelligence at scale

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

Tools and Techniques for Blue Team / Incident Response

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware Configuration And Payload Extraction

State-of-the-art native debugging tools

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Portable Executable reversing tool with a friendly GUI

A curated list of awesome YARA rules, tools, and people.

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Nyxelf is a highly effective tool tailored for analyzing malicious Linux ELF binaries, offering comprehensive support for both static and dynamic analysis techniques.

Deep Linux runtime visibility meets Wireshark

Hello, aspiring hackers! 🕵️‍♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive i...

FLARE Team's Binary Navigator

Native Python3 bindings for @horsicq's Detect-It-Easy

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Free educational courses in reverse engineering, malware analysis, and programming

XZ backdoor reverse engineering

A curated list of awesome binary analysis automation training, resources, and tools.

#supply #chain #attack #detection

Extracted Yara rules from Windows Defender mpavbase and mpasbase

This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.

Android malware source code dataset collected from public resources.

MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analyzes headers, APIs, and strings, giving quick insights for threa...

A book covering the whole spectrum of Malware

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Anomaly based Malware Detection using Machine Learning (PE and URL)