Matire: Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
Drebin: Drebin - NDSS 2014 Re-implementation
Virustotal: A simple command-line script to interact with the virustotal-api
Pentesting Bible: Learn ethical hacking. Learn about reconnaissance, Windows/Linux hacking, attacking web technologies, and pen testing wireless networks. Resources for learning malware analysis and reverse engineering.
Pecli: CLI tool to analyze PE files
Rigek: Analyzing Rig Exploit Kit
Analyst Casefile: Maltego CaseFile entities for information security investigations, malware analysis and incident response
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Malcom: Malcom - Malware Communications Analyzer
Norimaci: Norimaci is a simple and lightweight malware analysis sandbox for macOS
Besafe: BeSafe is a robust threat analyzer which helps to protect your desktop environment and know what's happening around you
Thezoo: A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Malware Samples: A collection of malware samples caught by several honeypots I manage
Emofishes: Emofishes is a collection of proof of concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones set up for malware analysis).
Malboxes: Builds malware analysis Windows VMs so that you don't have to.
Yargen: yarGen is a generator for YARA rules
See: Sandboxed Execution Environment
Hidden: Windows driver with usermode interface which can hide objects of file-system and registry, protect processes, etc.
Awesome Rat: RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
Vipermonkey: A VBA parser and emulation engine to analyze malicious macros.
Fame: FAME Automates Malware Evaluation
Makin: makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
Drakvuf: DRAKVUF Black-box Binary Analysis
Habomalhunter: HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Speakeasy: Windows kernel and user mode emulation.
Malware Samples: A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Antivmdetection: Script to create templates to use with VirtualBox to make VM detection harder
Apklab: Android Reverse-Engineering Workbench for VS Code
Stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis.
Linux.mirai: Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
Wdbgark: WinDBG Anti-RootKit Extension
Pev: The PE file analysis toolkit
Saferwall: A hackable malware sandbox for the 21st Century
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Dex Oracle: A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Ssma: SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]
Engine: Droidefense: Advanced Android Malware Analysis Framework
Drakvuf Sandbox: DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Simplify: Android virtual machine and deobfuscator
Gef: GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers ☢
Stoq: An open source framework for enterprise level automated analysis.
Pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy
Malware Jail: Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
Icewater: 16,432 Free Yara rules created by
Idenlib: idenLib - Library Function Identification [This project is not maintained anymore]
Deeptraffic: Deep Learning models for network traffic classification
Malheur: A Tool for Automatic Analysis of Malware Behavior
Malsub: A Python RESTful API framework for online malware analysis and threat intelligence services.
Polichombr: Collaborative malware analysis framework
Misp: MISP (core software) - Open Source Threat Intelligence and Sharing Platform