Runpe In Memory: Run an Exe File (PE Module) in memory (like an Application Loader)
Threat Intel: Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Pepper: An open source script to perform malware static analysis on Portable Executable
Malware Samples: Malware samples, analysis exercises and other interesting resources.
Kicomav: KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Goat: 🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
Serpentine: C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
Botnets: This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
Open Myrtus: RCEed version of computer malware / rootkit MyRTUs / Stuxnet.
Telegram Rat: Windows Remote Administration Tool via Telegram. Written in Python
Memtriage: Allows you to quickly query a Windows machine for RAM artifacts
Qiling: Qiling Advanced Binary Emulation Framework
Blackweb: Domains Blocklist for Squid-Cache
Unified Hosts Autoupdate: Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.
Php Antimalware Scanner: AMWScan (PHP Antimalware Scanner) is a free tool to scan PHP files and analyze your project to find any malicious code inside it.
Cypher: Pythonic ransomware proof of concept.
Trisis Triton Hatman: Repository containing original and decompiled files of TRISIS/TRITON/HATMAN malware
Lisa: Sandbox for automated Linux malware analysis.
Anteater: Anteater - CI/CD Gate Check Framework
Evasions: Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
Misp Taxonomies: Taxonomies used in the MISP taxonomy system that can be used by other information sharing tools.
Nginx Ultimate Bad Bot Blocker: Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Ddoor: DDoor - cross platform backdoor using dns txt records
Antidebugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Malware: Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Flare Floss: FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Docker Misp: Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Binsnitch: Detect silent (unwanted) changes to files on your system
Blocklist Ipsets: ipsets dynamically updated with firehol's update-ipsets.sh script
Pafish: Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Networm: Python network worm that spreads on the local network and gives the attacker control of these machines.
Amsiscanner: A C/C++ implementation of Microsoft's Antimalware Scan Interface
Uitkyk: Runtime memory analysis framework to identify Android malware
Threadboat: Program Uses Thread Execution Hijacking To Inject Native Shell-code Into a Standard Win32 Application
Ergo Pe Av: 🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
Mass Rat: Basic Multiplatform Remote Administration Tool - Xamarin
Deathransom: A ransomware developed in Python, with bypass techniques, for educational purposes.
Mba: Malware Behavior Analyzer
Ratel: RAT-el is an open source penetration test tool that allows you to take control of a Windows machine. It works on the client-server model: the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Hosts Blocklists: Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage
Www.rootkit.com: www.rootkit.com users section mirror, sql database dump, and a few other files/rootkits.
Flashmingo: Automatic analysis of SWF files based on some heuristics. Extensible via plugins.
Block: Let's make an annoyance free, better open internet, altogether!
Green Hat Suite: Green-hat-suite is a tool to generate meterpreter/shell which could evade antivirus.