malware-analysis

There are 243 repositories under malware-analysis topic.

• x64dbg

  x64dbg / x64dbg

  An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

  binary-analysiscppctfcybersecuritydebuggerdebuggingdisassemblerdynamic-analysisexploit-developmenthackingmalware-analysisoscpprogram-analysisreverse-engineeringsecuritysecurity-toolswindowsx64x86x86-64
  Language:C++ 43836

• radareorg / radare2

  UNIX-like reverse engineering framework and command-line toolset

  binary-analysisccommandlinedisassemblerforensicshacktoberfestmalware-analysisradare2reverse-engineeringsecurity
  Language:C 20047
• Mobile-Security-Framework-MobSF

  MobSF / Mobile-Security-Framework-MobSF

  Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

  android-securityapi-testingapkcwedevsecopsdynamic-analysisios-securitymalware-analysismastgmasvsmobile-securitymobsfmstgowasprestruntime-securitystatic-analysisweb-securitywindows-mobile-security
  Language:JavaScript 16768

• rshipp / awesome-malware-analysis

  Defund the Police.

  analysis-frameworkautomated-analysisawesomeawesome-listchinesechinese-translationdomain-analysisdrop-icedynamic-analysislistmalware-analysismalware-collectionmalware-researchmalware-samplesnetwork-trafficstatic-analysisthreat-intelligencethreat-sharingthreatintel
  11399

• ytisf / theZoo

  A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

  malwaremalware-analysismalware-researchmalware-samplesmalwareanalysisthezoo
  Language:Python 10949
• Scanners-Box

  We5ter / Scanners-Box

  A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

  apk-analysisbinary-analysiscode-analyzerdevsecopsexploitation-frameworkhacker-toolsinformation-securitymalware-analysispenetration-testingpentesting-toolsprivacy-complianceredteam-toolssecurity-auditsecurity-automationsmart-contractsstatic-analysisvulnerability-scannerswifi-hackingwifi-security
  8129
• pwndbg

  pwndbg / pwndbg

  Exploit Development and Reverse Engineering with GDB Made Easy

  pythongdbpedagdbinitpwndbgreverse-engineeringdebuggingctfgefhacklinuxdisassemblerida-probinary-ninjacapture-the-flagmalware-analysispwnablehacktoberfest
  Language:Python 7023
• Detect-It-Easy

  horsicq / Detect-It-Easy

  Program for determining types of files for Windows, Linux and MacOS.

  binary-analysisdebuggerdetectdetectordisassemblerelfentropyhacktoberfesthacktoberfest2023mach-omachomalware-analysismalware-researchpackerpentestprogram-analysisreverse-engineeringscannerstatic-analysisunpacker
  Language:JavaScript 6974
• gef

  hugsy / gef

  GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

  binary-ninjactfdebuggingdiscordexploitexploit-developmentgdbgefida-prolinuxmalware-analysismipspowerpcpwnpwntoolspythonpython-apireverse-engineeringsparc
  Language:Python 6691

• bee-san / pyWhat

  🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

  cybersecurityhackingcybersecuritymalwarerepythonpcapmalware-analysismalware-researchtryhackmehacktoberfest
  Language:Python 6478

• mandiant / flare-vm

  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

  malware-analysisreverse-engineeringflare
  Language:PowerShell 6165

• MISP / MISP

  MISP (core software) - Open Source Threat Intelligence and Sharing Platform

  cticybersecurityfraud-detectionfraud-managementfraud-preventioninformation-exchangeinformation-securityinformation-sharingintelligencemalware-analysismispsecuritystixthreat-analysisthreat-huntingthreat-intelthreat-intelligencethreat-intelligence-platformthreat-sharingthreatintel
  Language:PHP 5127

• mentebinaria / retoolkit

  Reverse Engineer's Toolkit

  reverse-engineeringmalware-analysiswindows
  Language:Inno Setup 4752

• CalebFenton / simplify

  Android virtual machine and deobfuscator

  deobfuscationjavaoptimizationandroidreverse-engineeringmalware-analysisdalvikmalwaredeobfuscatorvirtual-machineemulatormalware-analyzerandroid-malwaremalware-researchreverse-engineer-apk
  Language:Java 4417

• lief-project / LIEF

  LIEF - Library to Instrument Executable Formats

  androidartbinary-analysisdexelfexecutable-formatsliefmachomalware-analysismodificationoatparserparsingpepythonreverse-engineeringrustsdkvdex
  Language:C++ 4295
• capa

  mandiant / capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  malware-analysisreverse-engineeringgsoc-2024
  Language:Python 4011

• charles2gan / GDA-android-reversing-Tool

  the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

  decompilervulnerability-scannersmalware-analysissecurity-auditmobile-securityprivacy-protection
  Language:Java 4009

• InQuest / awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  yara-rulesyara-signaturesyaramalware-rulesmalware-analysismalware-researchmalware-detectionyara-scanneryara-managerthreat-huntingawesomeawesome-yaraawesome-listioc
  3389

• a0rtega / pafish

  Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

  malwarereverse-engineeringvirtual-machinemalware-familiesanalysis-environmentssandboxmalware-analysisrdtscmalware-research
  Language:C 3242
• IntelOwl

  intelowlproject / IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  security-toolspythonthreat-intelligenceiocincident-responsecyber-threat-intelligenceenrichmenthoneynetosintosint-pythonthreatintelmalware-analysismalware-analyzerintel-owlthreat-huntinghacktoberfestcyber-securitycybersecuritythreathuntingdfir
  Language:Python 3198
• flare-floss

  mandiant / flare-floss

  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  deobfuscationflaregsoc-2024malwaremalware-analysisstrings
  Language:Python 3119

• hasherezade / pe-sieve

  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

  anti-malwarehookinglibpeconvmalware-analysismemory-forensicspe-analyzerpe-dumperpe-formatpe-sieveprocess-analyzerscans
  Language:C++ 2980

• alexandreborges / malwoverview

  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.

  malwarevirustotalmalpediaurlhausalienvaultmalsharethreathuntingmalwarebazaarthreatfoxcybersecuritymalware-analysisthreat-huntingthreatintelligencetriage
  Language:Python 2887

• decalage2 / oletools

  oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

  pythonpython-libraryolefilemalware-analysisms-office-documentscompoundrtfforensicsole-filessecurityparserpyparsingvbamacros
  Language:Python 2822
• HyperDbg

  HyperDbg / HyperDbg

  State-of-the-art native debugging tools

  hypervisorhyperdbgdebuggereptwindows-kernelhookkernel-debuggerdebugbinary-analysismalware-analysisreverse-engineeringsecuritysecurity-toolsdebuggingdebugging-toolchipfpgahardwarehwdbglogic-analyzer
  Language:C 2750
• BlueTeam-Tools

  A-poc / BlueTeam-Tools

  Tools and Techniques for Blue Team / Incident Response

  blue-teamblueteamcheatsheetincident-responsemalware-analysistoolsvulnerability-managementwikiincidentresourcescyber-securitydefender
  2555

• hasherezade / pe-bear

  Portable Executable reversing tool with a friendly GUI

  pe-filepe-formatpe-analyzerpe-analyzer-guipe-editormultiplatformmalware-analysisbearparser
  Language:C++ 2542
• APKLab

  APKLab / APKLab

  Android Reverse-Engineering Workbench for VS Code

  apktoolapk-decompilerapk-editorsmalidalviksmalideaapksignerapk-studioandroidjadxreverse-engineeringbytecodemitmmalware-analysisapp-analyzermalware-detectionuber-apk-signerhttps-inspection
  Language:TypeScript 2506
• APKiD

  rednaga / APKiD

  Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

  androidandroid-protect-appsandroid-protectionantivirusappshieldingmachine-learningmalware-analysismalware-detectionmalware-researchpackersraspyarayara-forensics
  Language:YARA 1969

• hasherezade / hollows_hunter

  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

  pe-sieveanti-malwaremalware-analysismalware-detectionmemory-forensics
  Language:C 1958

• hasherezade / malware_training_vol1

  Materials for Windows Malware Analysis training (volume 1)

  windows-malware-analysismalware-analysismalware-research
  Language:Assembly 1901

• kevoreilly / CAPEv2

  Malware Configuration And Payload Extraction

  configsdebugging-toolsmalwaremalware-analysismalware-researchreverse-engineeringsandboxunpackingcape
  Language:Python 1794

• alphaSeclab / awesome-rat

  RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

  c2command-and-controlcommand-controlmalware-analysisratrat-analysisrat-malwareremote-access-toolremote-administration-tool
  1784

• mandiant / flare-fakenet-ng

  FakeNet-NG - Next Generation Dynamic Network Analysis Tool

  fakenet-ngtraffic-redirectionmalware-analysismandiant-flaregsoc-2024
  Language:Python 1735

• JKornev / hidden

  🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

  windowssecuritymalware-analysisregistrydriverkernelrootkitrce
  Language:C 1653

• maliceio / malice

  VirusTotal Wanna Be - Now with 100% more Hipster

  malicedockermalwareinfosecvirustotalelasticsearchgolangantiviruscloudcybersecuritydfirmalware-analysismalware-research
  Language:Go 1633