Top 201 malware-analysis open source projects

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

Drebin - NDSS 2014 Re-implementation

A simple command-line script to interact with the virustotal-api

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

CLI tool to analyze PE files

Analyzing Rig Exploit Kit

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Malcom - Malware Communications Analyzer

Norimaci is a simple and lightweight malware analysis sandbox for macOS

Submits multiple domains to VirusTotal API

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

A collection of malware samples caught by several honeypots i manage

Emofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).

《macOS软件安全与逆向分析》勘误

Builds malware analysis Windows VMs so that you don't have to.

yarGen is a generator for YARA rules

Sandboxed Execution Environment

Windows driver with usermode interface which can hide objects of file-system and registry, protect processes and etc

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

A VBA parser and emulation engine to analyze malicious macros.

FAME Automates Malware Evaluation

makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]

DRAKVUF Black-box Binary Analysis

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

Windows kernel and user mode emulation.

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

Script to create templates to use with VirtualBox to make vm detection harder

Modular file scanning/analysis framework

Android Reverse-Engineering Workbench for VS Code

A machine learning tool that ranks strings based on their relevance for malware analysis.

Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

WinDBG Anti-RootKit Extension

The PE file analysis toolkit

A hackable malware sandbox for the 21st Century

Various snippets created during malware analysis

软件安全工程师技能表

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]

Droidefense: Advance Android Malware Analysis Framework

DRAKVUF Sandbox - automated hypervisor-level malware analysis system

Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)

Android virtual machine and deobfuscator

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢

An open source framework for enterprise level automated analysis.

Exploit Development and Reverse Engineering with GDB Made Easy

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

Malware sample library.

A Linux Ransomware

WinAppDbg Debugger

16,432 Free Yara rules created by

idenLib - Library Function Identification [This project is not maintained anymore]

Deep Learning models for network traffic classification

A Tool for Automatic Analysis of Malware Behavior

A Python RESTful API framework for online malware analysis and threat intelligence services.

Collaborative malware analysis framework

MISP (core software) - Open Source Threat Intelligence and Sharing Platform