Threat-Intelligence-Analyst

威胁情报，恶意样本分析，自动化python脚本，开源Malware代码收集,APT攻击安例相关

Hack

https://github.com/Hack-with-Github/Awesome-Hacking

恶意软件分析大合集

https://github.com/rshipp/awesome-malware-analysis
https://github.com/wtsxDev/Malware-Analysis
https://github.com/CHYbeta/Software-Security-Learning

LifeOfBinarie

http://www.opensecuritytraining.info/LifeOfBinaries.html

Malware Analyst

https://pastebin.com/QXURDzmA

在线检测恶意软件网站

https://www.hybrid-analysis.com/
https://www.virustotal.com/#/home/upload
https://www.reverse.it/
https://www.maldun.com/submit/submit_file/
https://habo.qq.com/
https://www.joesandbox.com/
https://virusscan.jotti.org/
http://www.threatexpert.com/submit.aspx
http://virscan.org/
https://any.run/
https://id-ransomware.malwarehunterteam.com/

ida视频

http://hdvidzpro.pro/video/ida-tutorial

恶意样本分析

https://secrary.com/ReversingMalware/CoinMiner/
https://secrary.com/ReversingMalware
https://secrary.com/ReversingMalware/Upatre/
https://secrary.com/ReversingMalware/Mamba/
https://secrary.com/ReversingMalware/UnpackingShade/
https://secrary.com/ReversingMalware/Enosch/
https://www.anquanke.com/post/id/87172
http://blog.talosintelligence.com/2017/11/zeus-panda-campaign.html

Malware Sample Sources for Researchers

https://zeltser.com/malware-sample-sources/

List of Malware Sources

http://www.kernelmode.info/forum/viewtopic.php?f=16&t=308

WMI BackDoor

https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/

IDA

http://kingerwu.com/2017/12/16/IDA%E6%93%8D%E4%BD%9C%E7%9F%A5%E8%AF%86%E8%AE%B0%E5%BD%95/#more

malware analysis labs

https://cybersecweb.wordpress.com/2016/07/12/malware-analysis-labs/

VMP/TMD Unpack

OD调试过VMProtect虚拟机检测教程
https://www.52pojie.cn/thread-411742-1-1.html

TMD壳的脱壳（可能是2.1.8）
https://www.52pojie.cn/thread-675279-1-1.html

VMP v3.0.9过VMware检测
https://www.52pojie.cn/thread-635613-1-4.html

分析一个新型VM的CrackMe
https://www.52pojie.cn/thread-695729-1-1.html

MIPS 路由器木马

http://www.freebuf.com/articles/network/88798.html

PowerShell

https://docs.microsoft.com/zh-cn/powershell/scripting/powershell-scripting?view=powershell-6

Limon Sandbox For Analyzing Linux Malwares

https://malware-unplugged.blogspot.com/2015/11/limon-sandbox-for-analyzing-linux.html
https://www.blackhat.com/docs/eu-15/materials/eu-15-KA-Automating-Linux-Malware-Analysis-Using-Limon-Sandbox-wp.pdf
https://www.youtube.com/watch?v=fSCKyF--tRs&feature=youtu.be

Advanced Malware Analysis

https://cysinfo.com/category/training/advanced-malware-analysis/

CoinMiner

Linux.挖矿.cpuminer方法记录
http://www.bubuko.com/infodetail-2167951.html

Compile CPUminer under Linux CentOS
https://rumorscity.com/2014/01/04/compile-and-install-cpuminer-on-linux-centos/

搭建Redis&Minerd安全应急演练环境
http://www.freebuf.com/sectool/156904.html

centos 6.3 64位下cpuminer +mining_proxy 挖掘莱特币（LTC）教程
https://www.cnblogs.com/sixiweb/archive/2013/12/02/3454564.html

coinotron
https://www.coinotron.com

NET Malware

https://blogs.cisco.com/security/talos/reversing-multilayer-net-malware

Yara

http://www.freebuf.com/articles/system/26373.html
https://github.com/plusvic/yara/releases/tag/v2.0.0
https://yara.readthedocs.io/en/v3.5.0/gettingstarted.html
https://analysis.yararules.com/
https://github.com/Yara-Rules/rules
https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/
https://www.bsk-consulting.de/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/
https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/

教你构建自己的yara数据库

http://blog.safedog.cn/?p=281

基础反调试技术总结

https://bbs.pediy.com/thread-212371.htm

ARM Exploit

http://www.freebuf.com/articles/terminal/107276.html

Linux下莱特币Litecoin挖矿教程
https://blog.linuxeye.cn/385.html

Linux 莱特币LTC CPU挖掘教程
http://www.iitshare.com/linux-litecoin-ltc-mining-tutorial.html

以太坊Linux系统挖矿教程
http://www.8btc.com/gpu-mining

莱特币ltc挖矿教程:cpu挖矿与gpu挖矿(详细图文)
http://www.mnw.cn/news/digi/699354.html

勒索软件分析报告

File-Locker Ransomware
https://www.bleepingcomputer.com/news/security/file-locker-ransomware-targets-korean-victims-and-asks-for-50k-won/

层层抽丝——GlobeImposter勒索病毒分析
https://bbs.ichunqiu.com/thread-30152-1-1.html

轻轻脱掉你的衣--宏病毒的*姿势
https://bbs.ichunqiu.com/thread-29739-1-2.html

揭秘Chimera勒索软件
http://www.freebuf.com/articles/system/112142.html

初步分析勒索软件ZEPTO
http://www.freebuf.com/articles/system/112328.html

新型恶意勒索软件cuteRansomware
http://www.freebuf.com/news/109242.html

使用AES-256加密算法的勒索软件SkidLocker分析
http://www.freebuf.com/articles/terminal/99153.html

NanoLocker勒索软件的逆向分析
http://www.freebuf.com/articles/network/94595.html

新型恶意勒索软件DMA Locker分析
http://www.freebuf.com/articles/network/96738.html

locky勒索软件恶意样本分析2
http://www.ithtw.com/thread-8888.htm

locky勒索软件恶意样本分析1
http://blog.topsec.com.cn/ad_lab/locky%E5%8B%92%E7%B4%A2%E8%BD%AF%E4%BB%B6%E6%81%B6%E6%84%8F%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/

Docker分析文章

Docker恶意软件分析系列之初识Docker
http://blog.sina.com.cn/s/blog_e8e60bc00102vl37.html
Docker恶意软件分析系列II：客户端风险分析
http://blog.sina.com.cn/s/blog_e8e60bc00102vlq7.html
Docker恶意软件分析系列III：用viper分析APK和木马信息
http://blog.sina.com.cn/s/blog_e8e60bc00102vm2p.html
Docker恶意软件分析系列Ⅳ：js反混淆分析
http://blog.sina.com.cn/s/blog_e8e60bc00102vmwi.html
Docker恶意软件分析系列V：ALICTF决赛题目设计
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr0.html
Docker恶意软件分析系列VI：ALICTF决赛解题思路
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr6.html

MalwareVbr

https://0x4954.wordpress.com/2017/12/03/dfir-tips-malwarevbr-vm/

JS混淆

http://relentless-coding.org/projects/jsdetox/samples
http://www.freebuf.com/column/157281.html

BitCode

https://blockchain.info/

Processon

https://www.processon.com/

RTFOBJ

https://www.decalage.info/python/rtfobj

Python

https://awesome-python.com/

Linux Malware Analyst

http://blog.malwaremustdie.org/2016/11/linux-malware.html

Window Payload

http://www.freebuf.com/articles/system/156710.html

PowerShell

http://www.freebuf.com/articles/database/101267.html
http://www.freebuf.com/sectool/120675.html
http://www.freebuf.com/sectool/136328.html
http://www.freebuf.com/sectool/144824.html
http://www.freebuf.com/sectool/149835.html

PART 2A: INTRO TO THREAT HUNTING WITH KOLIDE FLEET, OSQUERY, POWERSHELL EMPIRE, AND CALDERA – SETUP ENVIRONMENT

https://holdmybeersecurity.com/2018/01/16/part-2a-intro-to-threat-hunting-with-kolide-fleet-osquery-powershell-empire-and-caldera-setup-environment/

R2

https://sec.xiaomi.com/article/30

威胁情报网站

https://x.threatbook.cn/
https://ti.360.com/
https://www.threatminer.org/

恶意流量分析网站

http://www.malware-traffic-analysis.net

安全网站

https://quequero.org/

ML Malware

http://www.covert.io/the-definitive-security-datascience-and-machinelearning-guide/

看雪知识库

https://www.kanxue.com/chm.htm

NET逆向

https://www.anquanke.com/post/id/89730
https://www.anquanke.com/post/id/90174

虚拟机检测技术攻防

http://blog.csdn.net/whatday/article/details/10393325

x86_64 Reverse-Engineering

https://leotindall.com/tutorial/an-intro-to-x86_64-reverse-engineering/

Unpacking Shade Ransomware

https://secrary.com/ReversingMalware/UnpackingShade/

DDoS

https://www.secpulse.com/archives/64088.html
https://www.secpulse.com/archives/65477.html

Android So

https://bbs.pediy.com/thread-221965.htm

VMWare

https://remnux.org/docs/distro/tools/

MalwareCookBook

https://github.com/mgoffin/malwarecookbook

Malware Analyst Research Toolkit

https://github.com/mboman/mart

SSMA - Simple Static Malware Analyzer

https://github.com/secrary/SSMA

Malicious traffic detection system

https://github.com/stamparm/maltrail

Collection of android malware samples - Android Samples

https://github.com/ashishb/android-malware

Malware Source

https://github.com/Chiggins/malware_sources

List of awesome malware analysis tools and resources

https://github.com/wtsxDev/Malware-Analysis

A collection of OSX and iOS security resources

https://github.com/kai5263499/osx-security-awesome

Malware

https://github.com/0xBADBAC0N/malware

ARM Emulate

https://salmanarif.bitbucket.io/visual/downloads.html

Static and automated/dynamic malware analysis

https://github.com/abdesslem/malwareHunter

Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools

https://github.com/vduddu/Malware

Malware Classifier From Network Captures

https://github.com/adulau/MalwareClassifier

Collection of scripts for different malware analysis tasks

https://github.com/deadbits/malware-analysis-scripts

POC Android Malware Ransomware/Recon

https://github.com/tfairane/AndroMalware

Repository containing Yara rules, indicators and tools from PhishMe Research

https://github.com/phishme/malware_analysis

Binaries for the book Practical Malware Analysis

https://github.com/mikesiko/PracticalMalwareAnalysis-Labs

Android Malware

https://github.com/virqdroid/Android_Malware

Malware Behavior Analyzer

https://github.com/GlacierW/MBA

Debian packaging of Linux Malware Detect

https://github.com/waja/maldetect

Scanning and identifying XOR encrypted PE files in PE resources

https://github.com/edix/MalwareResourceScanner

Windows Malware Rootkit

https://github.com/csurage/Rootkit

Malware static analysis framework

https://github.com/KoreLogicSecurity/mastiff

Harmless Android malware using the overlay technique to steal user credentials.

https://github.com/geeksonsecurity/android-overlay-malware-example

My personal Automated Malware Analysis Sandboxes and Services

https://github.com/ironbits/Automated-Malware-Analysis-List

Collection of almost 40.000 javascript malware samples

https://github.com/HynekPetrak/javascript-malware-collection

Code for Deep Android Malware Detection paper

https://github.com/niallmcl/Deep-Android-Malware-Detection

Various scripts for different malware families

https://github.com/sysopfb/Malware_Scripts

iOS malware samples

https://github.com/ashishb/ios-malware

An Android Eclipse project demonstrating how to build a simple anti-malware application

https://github.com/twitter-university/AntiMalware

VMWare

https://app.vagrantup.com/boxes/search

Windows Resource Download

https://msdn.itellyou.cn/

Vulnhub

https://www.vulnhub.com/

Windbg XP

http://blog.csdn.net/jiangdf/article/details/6843088

360报告

http://blogs.360.cn/blog/category/%E7%97%85%E6%AF%92%E5%88%86%E6%9E%90/

Ransomware

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/
https://id-ransomware.malwarehunterteam.com/

VirtualKD

http://virtualkd.sysprogs.org/download/

OFFICE MALWARE/EXPLOIT

https://github.com/Screetsec/Microsploit
https://remnux.org/
https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/
https://dfir.it/blog/2015/06/17/analysts-handbook-analyzing-weaponized-documents/
https://zeltser.com/analyzing-malicious-documents/
https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
https://www.blackhillsinfosec.com/hide-payload-ms-office-document-properties/
https://securityoversimplicity.wordpress.com/2017/11/23/not-all-she-wrote-part-3-rigged-rtf-documents/
http://www.sdkhere.com/2017/12/analysis-of-file-spider-ransomware.html
https://pentestlab.blog/2017/12/15/microsoft-office-payloads-in-document-properties/
http://blog.51cto.com/antivirusjo/2054410 http://www.freebuf.com/vuls/159789.html
http://blog.safedog.cn/?p=1519
http://blog.safedog.cn/?p=2209

https://countuponsecurity.com/2014/09/22/malicious-documents-pdf-analysis-in-5-steps/

https://countuponsecurity.com/2014/10/24/malicious-documents-word-with-vba-and-powershell/

https://www.cert-ist.com/public/en/SO_detail?code=malicious_pdf

http://netsecurity.51cto.com/art/200907/138668.htm

https://blog.didierstevens.com/category/pdf/

http://www.itbaby.me/blog/59f7ea965d21b31fcd4e2037

https://zeltser.com/media/docs/analyzing-malicious-document-files.pdf

https://paper.seebug.org/351/

Linux x86 Exploit

https://bbs.pediy.com/user-507717-1.htm

Malware Samples

http://contagiodump.blogspot.com/
http://dasmalwerk.eu/
http://www.freetrojanbotnet.com/
https://malshare.com/
http://www.kernelmode.info/forum/viewforum.php?f=16
https://avcaesar.malware.lu/
http://www.malwareblacklist.com/showMDL.php
http://thezoo.morirt.com/
https://malwr.com/
http://openmalware.org/
http://www.virusign.com/
https://virusshare.com/

Free Automated Malware Analysis Sandboxes and Services

https://zeltser.com/automated-malware-analysis/

Free Online Tools for Looking up Potentially Malicious Websites

https://zeltser.com/lookup-malicious-websites/

APT Sample

https://contagiodump.blogspot.com/2017/02/russian-apt-apt28-collection-of-samples.html

CVE

CVE-2010-3333
http://blog.csdn.net/qq_32400847/article/details/70225519
https://wenku.baidu.com/view/11fd094384254b35effd3480.html
https://www.52pojie.cn/thread-290299-1-1.html
https://bbs.pediy.com/thread-158078.htm

CVE–2017–11882
http://bobao.360.cn/learning/detail/4734.html

CVE-2017-11826
https://blog.fortinet.com/2017/11/22/cve-2017-11826-exploited-in-the-wild-with-politically-themed-rtf-document

malware source

auto script

Course Book

https://github.com/RPISEC/Malware
https://github.com/rshipp/awesome-malware-analysis
https://github.com/mgoffin/malwarecookbook
https://github.com/MISP/MISP
https://github.com/wyyqyl/MalwareAnalysis
https://github.com/secmobi/amatutor
https://github.com/pandazheng/amatutor

AntiMalware Software

https://github.com/twitter-university/AntiMalware
https://github.com/ssesha/MalwareScanner
https://github.com/acprimer/MalwareDetector
https://github.com/kapilkchaurasia/Behavior-Based-Malware-Detection-System-for-Android

Samples

https://github.com/ashishb/ios-malware

APT

https://github.com/hfiref0x/CVE-2015-1701
https://github.com/michael-yip/APTMalwareNotes
https://github.com/abzcoding/aptdetector
https://github.com/harsh2602/APT-Detection-Via-Graph-Analytics
https://github.com/Tryan18/XCOM
https://github.com/aroradhruv03/APThreatDetectionSys
https://github.com/tobypinder/ludumdare32
https://github.com/hslatman/awesome-threat-intelligence
https://github.com/peterfelfer/AtomProbeTutorials

Tools

https://sourceforge.net/projects/remnux/files/
https://remnux.org/docs/distro/tools/

在线画图工具

https://www.processon.com/
http://www.xmindchina.net/

脱壳逆向

https://tuts4you.com
http://www.woodmann.com/
https://bbs.pediy.com/thread-224537.htm