
This repository contains the analysis reports, technical details and any tools created to help with malware analysis. Additionally, the repo contains the extracted TTPs, recreated in code, along with their detection rules.

Primary language: C++. License: MIT.

MalwareAnalysisSeries


Welcome to the MalwareAnalysisSeries repository, your go-to destination for highly refined analysis reports, useful reverse engineering tools and scripts, unpacked malware stages, extracted TTPs and their re-implementation. This open-source pet project is dedicated to dissecting infamous malware families, offering deep technical insights that assist in advanced analysis and reverse engineering. The process of malware development is also covered in this repository: each significant TTP is recreated exactly the way the actual malware implements it, so that the behaviour can be studied and detection rules can be written against it.

Purpose

The primary goal of MalwareAnalysisSeries is to provide a comprehensive resource for cybersecurity enthusiasts, researchers, and professionals alike. By delving into the intricate workings of prominent malware families, my aim is to empower the community with invaluable knowledge and tools to enhance their understanding of cybersecurity threats and bolster defense mechanisms.

Whoami


Shayan Ahmed Khan
Alias: shaddy43
Threat Researcher
SC-200, AZ-500, PJMR, HCIA Security
I believe in open-source work & contributions!

Malware Analysis Repositories

| Title | Description |
|---|---|
| CrackedHaven | Understand software cracking and its implications |
| MedusaLocker | Technical analysis and TTPs of MedusaLocker ransomware |
| NanoCore 1.2.2.0 | Technical analysis and TTPs of NanoCore RAT 1.2.2.0 |
| Ryuk | Technical analysis and TTPs of Ryuk ransomware |
| Xloader 4.3 | Technical analysis and TTPs of Xloader (AKA Formbook) 4.3 infostealer |
| Lockbit 3.0 | Coming soon |

Repository Structure Overview

| Directory | Description |
|---|---|
| Malware/ | Contains all malware-related content: reports, articles, etc. |
| Malware/sample/ | Repository of malware samples and their unpacked stages. |
| Malware/tools_and_scripts/ | Collection of tools and scripts used in malware analysis. |
| Malware/Extracted_TTPs/ | Directory containing the Tactics, Techniques, and Procedures (TTPs) identified in the malware, and their code recreated after analysis. |
| Malware/Extracted_TTPs/TTP(1...n)/Detection/ | Specific detection rules associated with each TTP extracted from the malware. |
| Assets/ | Stores visual aids, including images, videos, and GIFs, used in reports and documentation. |

Visualized Structure

MalwareAnalysisSeries/
├── Malware/
│   ├── sample/
│   ├── tools_and_scripts/
│   ├── Extracted_TTPs/
│   │   ├── TTP1/
│   │   │   ├── Code/
│   │   │   └── Detection/
│   │   ├── TTP2/
│   │   │   ├── Code/
│   │   │   └── Detection/
│   │   └── ...
│   └── Assets/
├── ...
├── Assets/
└── README.md

Disclaimer

It's important to emphasize that MalwareAnalysisSeries is intended strictly for educational and research purposes. I do not condone or support any form of malicious activity. The tools, scripts, and analysis reports provided here are meant to foster learning, enhance cybersecurity knowledge, and contribute to the collective defense against cyber threats. Any misuse or illegitimate use of the content within this repository is strongly discouraged and goes against the principles of ethical cybersecurity practices.

Join me in this mission to dissect, understand, and combat malware. Together, we can make cyberspace a safer environment for all.