#Malware-research
Showing 60 of 251 repositories tagged #malware-research, ranked by stars
Defund the Police.
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Program for determining types of files for Windows, Linux and MacOS.
πΈ Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! π§ββοΈ
Android virtual machine and deobfuscator
A curated list of awesome YARA rules, tools, and people.
For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including screenshots.
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Malware Configuration And Payload Extraction
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Materials for Windows Malware Analysis training (volume 1)
VirusTotal Wanna Be - Now with 100% more Hipster
yarGen is a generator for YARA rules
A curated list of awesome resources related to executable packing
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
ππ This is a ππ₯ REAL WORLDπ₯ π Malware Collection I have Compiled & analysed by researchersπ₯ to understand more about Malware threatsπ, analysis and mitigationπ§.
Builds malware analysis Windows VMs so that you don't have to.
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
Golang malware development library
FAME Automates Malware Evaluation
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Extract and aggregate threat intelligence.
Historical Windows temporal memory-state research artifact for studying time-bound memory observations, validation limits, and defensive visibility.
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
Reverse Engineering and Malware Analysis Roadmap
Sandboxed Execution Environment
The PE file analysis toolkit
APK/DEX detector for Windows, Linux and MacOS.
WinDBG Anti-RootKit Extension
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Malware Sample Sources
Modular file scanning/analysis framework
A large repository of malware samples with 2500+ malware samples & source codes for a variety of platforms by Cryptware Apps.
A Binary Genetic Traits Lexer Framework
Linker/Compiler/Tool detector for Windows, Linux and MacOS.
Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.
A curated list of awesome Memory Forensics for DFIR
For educational purposes only, samples of ransomware/wiper trojans including screenshots/ransom-notes.
AssemblyLine 4: File triage and malware analysis
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Free educational courses in cybersecurity, reverse engineering, malware analysis, and programming designed to expand access, build practical skills, and support the next generation of cyber defenders.
WinAppDbg Debugger
Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
Distributed malware processing framework based on Python, Redis and S3.
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
:wolf: Malware analysis platform
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Code written as part of our various malware investigations
An open source framework for enterprise level automated analysis.
Malware repository component for samples & static configuration with REST API interface.
Collaborative malware analysis framework
Bringing you the best of the worst files on the Internet.
AppLocker-Based EDR Neutralization
Remote Access Trojan collection.(260+ RAT-Builders!)
Cybersecurity research results. Simple C/C++ and Python implementations
This repository contains indicators of compromise (IOCs) of our various investigations.
VirusTotal Full api
Malware samples for analysis, researchers, anti-virus and system protection testing (1600+ Malware-samples!).
DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior