Trending repositories for topic malware-analysis

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Exploit Development and Reverse Engineering with GDB Made Easy

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Program for determining types of files for Windows, Linux and MacOS.

UNIX-like reverse engineering framework and command-line toolset

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

A curated list of awesome Android Reverse Engineering training, resources, and tools.

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...

The FLARE team's open-source tool to identify capabilities in executable files.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

State-of-the-art native debugging tools

IntelOwl: manage your Threat Intelligence at scale

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

#supply #chain #attack #detection

Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective eff...

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, ...

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective eff...

A curated list of awesome Android Reverse Engineering training, resources, and tools.

#supply #chain #attack #detection

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, ...

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

A curated list of awesome Memory Forensics for DFIR

Exploit Development and Reverse Engineering with GDB Made Easy

Program for determining types of files for Windows, Linux and MacOS.

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

The FLARE team's open-source tool to identify capabilities in executable files.

State-of-the-art native debugging tools

FAME Automates Malware Evaluation

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Portable Executable reversing tool with a friendly GUI

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Program for determining types of files for Windows, Linux and MacOS.

UNIX-like reverse engineering framework and command-line toolset

Exploit Development and Reverse Engineering with GDB Made Easy

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Defund the Police.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Portable Executable reversing tool with a friendly GUI

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leakin...

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Automatically identify and extract potential anti-debugging techniques used by malware.

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Tools and Techniques for Blue Team / Incident Response

State-of-the-art native debugging tools

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Automatically identify and extract potential anti-debugging techniques used by malware.

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

A curated list of awesome malware analysis tools and resources

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective eff...

Android Malware Samples

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

Small collection of Ransomware organized by family.

Reverse Engineering Tools (deobf, decompiler etc..)

intel x86(-64) code analysis library that reconstructs control flow

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

A curated list of awesome Android Reverse Engineering training, resources, and tools.

#supply #chain #attack #detection

A curated list of awesome malware persistence tools and resources.

Awesome collection of resources 😎 Work in progress🔥

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

A :zap: lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.

Portable Executable reversing tool with a friendly GUI

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Program for determining types of files for Windows, Linux and MacOS.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Defund the Police.

UNIX-like reverse engineering framework and command-line toolset

Exploit Development and Reverse Engineering with GDB Made Easy

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

The FLARE team's open-source tool to identify capabilities in executable files.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Android Reverse-Engineering Workbench for VS Code

Tools and Techniques for Blue Team / Incident Response

Malware Configuration And Payload Extraction

Portable Executable reversing tool with a friendly GUI

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

A curated list of awesome YARA rules, tools, and people.

A curated list of awesome Android Reverse Engineering training, resources, and tools.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

A Malware Scarecrow for Windows 10/11 with a user-friendly touch.

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...

Automatically identify and extract potential anti-debugging techniques used by malware.

A curated list of awesome malware analysis tools and resources

A simple crossplatform heuristic PE-analyzer

Native Python3 bindings for @horsicq's Detect-It-Easy

This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

#supply #chain #attack #detection

a list of 350+ Free TryHackMe rooms to start learning cybersecurity with THM

Reverse Engineering and Malware Analysis Roadmap

Android Malware Samples

A cli script to analyze an E-Mail in the EML format for viewing the header, extracting attachments, etc.

Android malware source code dataset collected from public resources.

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers

Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

#supply #chain #attack #detection

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Deep Linux runtime visibility meets Wireshark

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.

A simple crossplatform heuristic PE-analyzer

Easy-as-dumb toolkit to prevent any malicious injections in your Android app. Beware of cheaters!

A collection of malware families and malware samples which use the Rust programming language.

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.

XZ backdoor reverse engineering

Advanced dynamic malware analysis tool.

A collection of modules and scripts to help with analyzing Nim binaries

Native Python3 bindings for @horsicq's Detect-It-Easy

Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...

Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs for malware analysis.

Reverse Engineering and Malware Analysis Roadmap

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...

Program for determining types of files for Windows, Linux and MacOS.

UNIX-like reverse engineering framework and command-line toolset

Defund the Police.

The FLARE team's open-source tool to identify capabilities in executable files.

Exploit Development and Reverse Engineering with GDB Made Easy

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

IntelOwl: manage your Threat Intelligence at scale

Tools and Techniques for Blue Team / Incident Response

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Portable Executable reversing tool with a friendly GUI

Android Reverse-Engineering Workbench for VS Code

A curated list of awesome YARA rules, tools, and people.

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Malware Configuration And Payload Extraction

GUI analyzer for deep-diving into PDF files. Detect malicious payloads, understand object relationships, and extract key information for threat analysis.

Extracted Yara rules from Windows Defender mpavbase and mpasbase

This repo contains IOC, malware and malware analysis associated with Public cloud

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Deep Linux runtime visibility meets Wireshark

Single file php webshell scanner to detect potentially malicious backdoor based on token and hash with web interface and VirusTotal integration. Subscribe to get API Key

A collection of malware families and malware samples which use the Rust programming language.

Windows-based Reverse Engineering Toolkit "All-In-One", Built for Security (Malware analysis, Penetration testing) & Educational purposes.

XZ backdoor reverse engineering

Automatically identify and extract potential anti-debugging techniques used by malware.

Advanced dynamic malware analysis tool.

This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.

PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record

Anomaly based Malware Detection using Machine Learning (PE and URL)

Android malware source code dataset collected from public resources.

SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SC...

MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analyzes headers, APIs, and strings, giving quick insights for threa...

The God Name Server

Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers