malware-organiser

A simple tool to organise large malicious/benign files into an organised Structur

Python0mit

6 years ago

clean-filemaliciousmalware

malware-jail

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payloa

JavaScript456mit

last year

analysisanglerdeobfuscation

Android-Malware-Sandbox

Android Malware Sandbox

JavaScript278apache-2.0

2 years ago

android-malware

Collection of android malware samples

Shell1029

5 years ago

javascript-malware-collection

Collection of almost 40.000 javascript malware samples

JavaScript658cc0-1.0

4 months ago

javascriptmalware-jailmalware-research

awesome-malware-persistence

A curated list of awesome malware persistence tools and resources.

167cc0-1.0

4 months ago

awesomeawesome-listmalware

malware-persistence

Collection of malware persistence and hunting information. Be a persistent persi

162cc-by-sa-4.0

4 months ago

malwaremalware-analysismalware-detection

MaleX

A curated dataset of malware and benign Windows executable samples for malware r

HTML37gpl-3.0

10 months ago

deep-learningimage-classificationmachine-learning

Malware

Course materials for Malware Analysis by RPISEC

3766

2 years ago

awesome-malware-analysis

Defund the Police.

11430other

5 months ago

analysis-frameworkautomated-analysisawesome

DAMM

Differential Analysis of Malware in Memory

Python208gpl-2.0

8 years ago

DC3-MWCP

DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configura

Python291other

5 months ago

automationconfig-dumpframework

CloudIntel

This repo contains IOC, malware and malware analysis associated with Public clou

238mit

3 months ago

awsazureexploit

pafish

Pafish is a testing tool that uses different techniques to detect virtual machin

C3266gpl-3.0

5 months ago

analysis-environmentsmalwaremalware-analysis

malware-ioc

Indicators of Compromises (IOC) of our various investigations

YARA1582bsd-2-clause

4 months ago

iocmalwaremisp

Limon

Limon is a sandbox developed as a research project written in python, which auto

Python387gpl-3.0

8 years ago

Ragpicker

Ragpicker is a Plugin based malware crawler with pre-analysis and reporting func

Python91

9 years ago

HaboMalHunter

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.

Python726other

2 years ago

dynamic-analysiselflinux

malpdfobj

Builds json representation of PDF malware sample

Python51mit

14 years ago

polichombr

Collaborative malware analysis framework

Python373other

6 years ago

idaida-pluginidapro

box-js

A tool for studying JavaScript malware.

JavaScript609mit

last year

es6es6-proxiesjavascript

PyPackerDetect

A malware dataset curation tool which helps identify packed samples.

Python28agpl-3.0

6 years ago

malwarepackerpefile

malsub

A Python RESTful API framework for online malware analysis and threat intelligen

Python366other

6 months ago

api-clientcybersecuritymalware

Malfunction

Malware Analysis Tool using Function Level Fuzzy Hashing

Python191lgpl-2.1

9 years ago

ember

Elastic Malware Benchmark for Empowering Researchers

Jupyter Notebook922other

3 months ago

macOS-Fortress

Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spa

Shell408mit

3 years ago

adblockadblockinganti-virus

persistence_demos

Demos of various (also non standard) persistence methods used by malware

C++217

2 years ago

imalse

Integrated MALware Simulator and Emulator

Tcl11gpl-3.0

11 years ago

MalConfScan

Volatility plugin that extracts configuration data of known malware

Python479other

11 months ago

forensicsmalwarememory

CAPEv2

Malware Configuration And Payload Extraction

Python1807other

4 months ago

capeconfigsdebugging-tools

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debugger

C++5709gpl-2.0

8 months ago

anti-analysisanti-debugginganti-disassembly

dorothy2

A malware/botnet analysis framework written in Ruby.

Ruby197other

last year

maldrolyzer

Simple framework to extract "actionable" data from Android malware (C&Cs, phone

Python100mit

10 years ago

stringsifter

A machine learning tool that ranks strings based on their relevance for malware

Python671apache-2.0

4 months ago

fireeye-data-sciencefireeye-flarelearning-to-rank

aleph

An Open Source Malware Analysis Pipeline System

CSS156

3 years ago

malSploitBase

Malware exploits

Python531

5 years ago

mobileAudit

Django application that performs SAST and Malware Analysis for Android APKs

HTML198gpl-3.0

4 months ago

androguardandroid-securityapk

BoomBox

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

PowerShell230mpl-2.0

2 years ago

pyarascanner

A simple many-rules to many-files YARA scanner for incident response or malware

Python25apache-2.0

6 years ago

dfirincident-responsepython

hosts-blocklists

Automatically updated, moderated and optimized lists for blocking ads, trackers,

2312

last year

adblockadsblacklist

Vezir-Project

Yet Another Linux Virtual Machine for Mobile Application Pentesting and Mobile M

101

9 years ago

PINdemonium

A pintool in order to unpack malware

C++225gpl-3.0

8 years ago

SMRT

Sublime Malware Research Tool

Python64gpl-3.0

3 years ago

malheur

A Tool for Automatic Analysis of Malware Behavior

C365gpl-3.0

6 years ago

classificationclusteringmachine-learning

recomposer

Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox

Python130

11 years ago

Androl4b

A Virtual Machine For Assessing Android applications, Reverse Engineering and Ma

1103

last year

androidapplication-securitymalware-analyzer

MalPipe

Malware/IOC ingestion and processing engine

Python102gpl-3.0

6 years ago

PortEx

Java library to analyse Portable Executable files with a special focus on malwar

Java495apache-2.0

3 months ago

packware

Effects of packers on machine-learning-based malware classifiers that use only s

Python81

5 months ago

udcide

Android Malware Behavior Deleter

Python32gpl-3.0

3 years ago

androidantiviruseditor

hblock

Improve your security and privacy by blocking ads, tracking and malware domains.

Shell1617mit

22 days ago

ad-blockeradblockadblocker

sandboxapi

Minimal, consistent Python API for building integrations with malware sandboxes.

Python133gpl-2.0

9 months ago

api-clientautomated-analysislibrary

mastiff

Malware static analysis framework

Python174

5 years ago

malwarehouse

A warehouse for your malware

Python131other

12 years ago

showstopper

ShowStopper is a tool for helping malware researchers explore and test anti-debu

C++194mit

2 years ago

anti-debugmalwareresearch

cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system

JavaScript5489other

3 years ago

dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, ma

Python1158apache-2.0

last year

detecting-anomalous-activitiesdockermalware-detection

ward

Simple ELF runtime packer for creating self-protecting binaries

Go14mit

last year

peframe

PEframe is an open source tool to perform static analysis on Portable Executable

YARA600

2 years ago

VolDiff

VolDiff: Malware Memory Footprint Analysis based on Volatility

Python191bsd-2-clause

7 years ago

ghost-usb-honeypot

A honeypot for malware that propagates via USB storage devices

C93gpl-3.0

10 years ago

cuckoo-droid

CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox.

Python578

4 years ago

avclass

AVClass malware labeling tool

Python455mit

6 months ago

unpacker

Automated malware unpacker

Python117

9 years ago

flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from m

Python3133apache-2.0

3 months ago

deobfuscationflaregsoc-2024

VolatilityBot

VolatilityBot – An automated memory analyzer for malware samples and memory dump

Python262mit

3 years ago

AutoRuns

🚀AutoRuns is a PowerShell module that will help do live incident response and

PowerShell249other

7 months ago

Raspirus

A user- and resources-friendly signatures-based malware scanner

Rust101gpl-3.0

4 months ago

malwarenextjsrust

Noriben

Noriben - Portable, Simple, Malware Analysis Sandbox

Python1094other

12 months ago

bluepill

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat E

C++119lgpl-3.0

3 years ago

debuggermalwaremalware-analysis

malcom

Malcom - Malware Communications Analyzer

Python1148other

7 years ago

dfirinfosecmalware

x64dbg

An open-source user mode debugger for Windows. Optimized for reverse engineering

C++43852other

4 months ago

binary-analysiscppctf

binaryalert

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Python1401apache-2.0

11 months ago

awslambdamalware-detection

theZoo

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project

Python11032other

6 months ago

malwaremalware-analysismalware-research

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application

JavaScript16875gpl-3.0

3 months ago

android-securityapi-testingapk

DECAF

DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysi

C794gpl-3.0

4 months ago

binary-analysistaint-analysis

Zeus

NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author. This repos

C1389

4 years ago

cc-plus-plusleaks

generic-parser

A Single Library Parser to extract meta information,static analysis and detect m

Python0mit

6 years ago

dynamic-analysislibmagicmachine-learning

Ebowla

Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)

Python729other

6 years ago

clueless-agentsgolangmemorymodule

UTM

Description UTM lets you run Windows® 10, Windows® 11, Ubuntu®, or macOS(*

Swift25799apache-2.0

3 months ago

appleemulationios

boringtun

Description 1.1.1.1 w/ WARP – the free app that makes your Internet more pr

Rust5945bsd-3-clause

5 months ago

cloudflarerustwireguard
