#Malware-detection
Showing 60 of 137 repositories tagged #malware-detection, ranked by stars
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
A curated list of awesome YARA rules, tools, and people.
Android Reverse-Engineering Workbench for VS Code
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Final year projects are a crucial part of a student's academic journey, particularly in the fields of engineering, computer science, and other technical disciplines.50 Final year Projects Includes Source Code, PPT, Synopsis, Report, Documents, Base Research Paper & Video tutorials
Reverse Engineering and Malware Analysis Roadmap
APK/DEX detector for Windows, Linux and MacOS.
Malware Sample Sources
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Linker/Compiler/Tool detector for Windows, Linux and MacOS.
AssemblyLine 4: File triage and malware analysis
Free educational courses in cybersecurity, reverse engineering, malware analysis, and programming designed to expand access, build practical skills, and support the next generation of cyber defenders.
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Drltrace is a library calls tracer for Windows and Linux applications.
An open source framework for enterprise level automated analysis.
Bringing you the best of the worst files on the Internet.
This repository contains indicators of compromise (IOCs) of our various investigations.
Anti-Malware for minecraft
A curated list of awesome malware persistence tools and resources.
Free Windows, Mac and Linux cleaner, scanner, and more.
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
Personal compilation of APT malware from whitepaper releases, documents and own research
Android app analysis and feature extraction library
Thumper is an open-source tripwire for the Shai-Hulud npm worm. Plant fake-but-realistic credentials where the worm scans - the instant one is read, you know the box might be breached. Free and built in the open by Jesta.
Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks, detect malicious Python packages, or check conformance to frameworks, such as SLSA. Documentation:
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
Anomaly based Malware Detection using Machine Learning (PE and URL)
Final Year Malware Detection Project with PPT, Research Paper, code and Synopsis. Malware detection project by Machine Learning ALgorithms.
Browser extension that protects you from phishing and malicious websites.
Towards Building an Intelligent Anti-Malware System: A Deep Learning Approach using Support Vector Machine for Malware Classification
A curated list of awesome malware analysis tools and resources
A dynamic unpacking tool
Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
Welcome to the ultimate list of resources for AI in cybersecurity. This repository aims to provide an organized collection of high-quality resources to help professionals, researchers, and enthusiasts stay updated and advance their knowledge in the field.
Detect npm packages compromised in the Shai-Hulud 2.0 supply chain attack (Nov 2025). Scans for 790+ malicious packages, suspicious scripts, TruffleHog activity, SHA1HULUD runners, and secrets exfiltration. GitHub Action with SARIF support.
Bypass Malware Sandbox Evasion Ram check
Personal research and publication on malware families
A machine learning malware analysis framework for Android apps.
MCP server for VirusTotal API — analyze URLs, files, IPs, and domains with comprehensive security reports, relationship analysis, and pagination support.
Android Malware Samples
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Chrome/Edge 浏览器扩展,5 规则实时检测银狐木马钓鱼仿冒网站。域名仿冒 · ICP备案核查 · 下载拦截 · 链接分析 · 代码工程化 — 零依赖 Manifest V3。
Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers
Drebin - NDSS 2014 Re-implementation
Bypass Malware Time Delays
This is the implementation of MalConv proposed in [Malware Detection by Eating a Whole EXE](https://arxiv.org/abs/1710.09435) and its adversarial sample crafting.
A Malware classifier dataset built with header fields’ values of Portable Executable files
Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malware analysis without any user interaction.
A list of awesome malware detection tools
Advanced dynamic malware analysis tool.
Malware-Detection-System-Using-Deep-Learning-Project. Project Includes PPT. Code, Explanation Video and Documents
A neural approach to malware detection in portable executables
A high-risk archive of historical malware, exploit kits, crypters, and webshells for educational and cybersecurity research purposes. None of this code is authored by the repository owner, and no responsibility is taken for misuse,🔒 Intended Audience: Cybersecurity researchers, malware analysts...
MultiAV scanner with Python and JSON REST API using Malice Docker AV Containers and Docker-Machine based Autoscaling
A Deep Learning framework that analyses Windows PE files to detect malicious Softwares.