malware-analysis
There are 1489 repositories under malware-analysis topic.
x64dbg/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
radareorg/radare2
UNIX-like reverse engineering framework and command-line toolset
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
rshipp/awesome-malware-analysis
Defund the Police.
ytisf/theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
We5ter/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
pwndbg/pwndbg
Exploit Development and Reverse Engineering with GDB Made Easy
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
hugsy/gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
bee-san/pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
mandiant/flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
mentebinaria/retoolkit
Reverse Engineer's Toolkit
CalebFenton/simplify
Android virtual machine and deobfuscator
lief-project/LIEF
LIEF - Library to Instrument Executable Formats
charles2gan/GDA-android-reversing-Tool
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
mandiant/capa
The FLARE team's open-source tool to identify capabilities in executable files.
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
InQuest/awesome-yara
A curated list of awesome YARA rules, tools, and people.
a0rtega/pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
mandiant/flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
hasherezade/pe-sieve
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
HyperDbg/HyperDbg
State-of-the-art native debugging tools
A-poc/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
hasherezade/pe-bear
Portable Executable reversing tool with a friendly GUI
APKLab/APKLab
Android Reverse-Engineering Workbench for VS Code
rednaga/APKiD
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
hasherezade/hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
hasherezade/malware_training_vol1
Materials for Windows Malware Analysis training (volume 1)
kevoreilly/CAPEv2
Malware Configuration And Payload Extraction
alphaSeclab/awesome-rat
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
mandiant/flare-fakenet-ng
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
JKornev/hidden
🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc
maliceio/malice
VirusTotal Wanna Be - Now with 100% more Hipster