Neo23x0 / malware-gems

A not so awesome list of malware gems for aspiring malware analysts


malware-gems

NOTE: WORK IN PROGRESS! (Updated 1 July 2020)

What's this all about?

This page contains a list of mostly malware analysis / reverse engineering related tools, training, podcasts, blog posts, literature and just about anything else closely related to the topic. This page serves as a catalog of sorts, containing "gems", some of which you may have stumbled across, and many others that you may not have.

Who is this page aimed at?

Myself:

When first starting out, I was overwhelmed by how malware/RE related material was scattered all over the Internet. With a limited availability of books and training, I started to collect my go-to sites for certain resources and tools in order to achieve certain tasks.

Beginners:

I often get asked "how do you get started in malware analysis / RE?". I'm hoping this list will provide a starting point at least. Anyone who has been practicing malware analysis for even a small amount of time knows that there really is no single resource or location that will simply teach the art of malware analysis / RE. Plain and simple. That said, having a useful list of links is at least a starting point. However, one caveat is that this list should NOT replace your OWN time spent researching and learning by yourself. This is very much part of "the journey" towards becoming a better malware analyst / RE, similar to that of becoming a l33t h4x0r! ;)

Anyone else:

Regardless of skill/experience level, even the more experienced malware analyst / RE may hopefully find one or two useful gems on this page that they haven't yet stumbled across. This is where the name "malware-gems" originated from... Original, I know.. ;)

Isn't this similar to other "awesome" lists that exist on Github?

Perhaps. While the various "awesome" lists (as awesome as they are) gave me inspiration, I wanted to centralise my own tools/links etc. while growing my own malware analysis skills, in the hope that once I have things in one page, things may become a bit clearer in my head! In some ways, as awesome as the other various "awesome" lists are, I hope that this list will in itself be just as awesome, due to the fact that it reflects a true and current representation of a malware analyst such as myself, who is building up their own knowledge with active links to tools, reading material etc.!

Anything else?

If you have any feedback or would like your site listed, feel free to reach out via Twitter. Twitter handle: 0x4143

Disclaimer:
  • Full credits/props/respect to all the respective authors for their content.
  • I suspect that this list may morph gradually over time to possibly include other infosec related tools/links that aren't directly related to malware or RE, but I will try my very best to stay on topic! =)
  • The links contained in each section are currently in no particular order.
  • I may clean up the order at some point e.g. alphabetize, or order by preference.
  • Some tools/links may likely be in the wrong category, I will review this as time goes on.
  • This is a work-in-progress so bear with me!
  • Sharing is caring, so feel free to forward this link around.
  • "Haters gonna hate"!
  • And last but not least, enjoy! =)

Adversary Emulation:

Books:

CheatSheets/Tables:

CTFs:

Decoders:

Debuggers:

Disassemblers:

Document Analysis Tools:

Dynamic/Behavioural Analysis Tools:

Funny/Random:

Honeypots:

ICS:

IDA:

IOT:

IR:

JavaScript Deobfuscation Tools:

LNK File Analysis:

MAC:

Malware Repos:

Maps / Stats (eye candy):

Memory Forensics:

Misc Tools:

.Net Debuggers/Decompilers:

Network Analysis:

Operating Systems:

OSINT Online Tools:

Password Cracking:

Podcasts:

PowerShell decoding:

Ransomware:

Reading Material:

Sandbox Tools (Online):

Sandbox Tools (Offline):

Shellcode Tools:

Static Analysis Tools:

Text/hex Editor Tools:

Threat Intelligence:

Training:

Unpacking:

VBA Deobfuscation Tools:

Video:

XOR Decoding Tools:

Yara Related:
