deadbits / Malware Analysis Scripts

Collection of scripts for different malware analysis tasks

Projects that are alternatives of or similar to Malware Analysis Scripts

Freki
🐺 Malware analysis platform
Stars: ✭ 285 (+367.21%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: ✭ 2,026 (+3221.31%)
Mutual labels:  malware, reverse-engineering, malware-analysis, malware-research
Simplify
Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+6236.07%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Antidebugging
A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (+163.93%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Dex Oracle
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Stars: ✭ 398 (+552.46%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Drakvuf Sandbox
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Stars: ✭ 384 (+529.51%)
Mutual labels:  malware, malware-analysis, malware-research, reverse-engineering
Simpleator
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (+326.23%)
Mutual labels:  malware, malware-analysis, reverse-engineering
Polichombr
Collaborative malware analysis framework
Stars: ✭ 307 (+403.28%)
Mutual labels:  malware-analysis, malware-research, reverse-engineering
Yargen
yarGen is a generator for YARA rules
Stars: ✭ 795 (+1203.28%)
Mutual labels:  malware, malware-analysis, malware-research
Thezoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Stars: ✭ 7,849 (+12767.21%)
Mutual labels:  malware, malware-analysis, malware-research
MalwareHashDB
Malware hashes for open source projects.
Stars: ✭ 31 (-49.18%)
Mutual labels:  malware, malware-analysis, malware-research
Pwndbg
Exploit Development and Reverse Engineering with GDB Made Easy
Stars: ✭ 4,178 (+6749.18%)
Mutual labels:  malware, malware-analysis, reverse-engineering
Malware Samples
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Stars: ✭ 565 (+826.23%)
Mutual labels:  malware, malware-analysis, malware-research
Fame
FAME Automates Malware Evaluation
Stars: ✭ 663 (+986.89%)
Mutual labels:  malware, malware-analysis, malware-research
freki
🐺 Malware analysis platform
Stars: ✭ 327 (+436.07%)
Mutual labels:  malware, malware-analysis, malware-research
MalwareDatabase
Malware samples for analysis, researchers, anti-virus and system protection testing.(1300+ Malware-samples!)
Stars: ✭ 21 (-65.57%)
Mutual labels:  malware, malware-analysis, malware-research
Pev
The PE file analysis toolkit
Stars: ✭ 422 (+591.8%)
Mutual labels:  malware-analysis, malware-research, reverse-engineering
Wdbgark
WinDBG Anti-RootKit Extension
Stars: ✭ 450 (+637.7%)
Mutual labels:  malware, malware-analysis, malware-research
MalwareDatabase
One of the few malware collection
Stars: ✭ 37 (-39.34%)
Mutual labels:  malware, malware-analysis, malware-research
Malware-Machine-Learning
Malware Machine Learning
Stars: ✭ 26 (-57.38%)
Mutual labels:  malware, malware-analysis, malware-research

malware-analysis-scripts

Introduction

Some of these scripts are mine. Some of them are not. I have had many of these stored for a long time and I will try to make sure credit for others' work is given where due, though sometimes I no longer know who the original author actually is.

If you happen to see code you recognize here, please let me know in an Issue so I can assign proper credit.

This README will be used to keep track of the contents of this repo, what each script does, and who the original authors are if it is not myself. Each script may have its own documentation within it as well.

Contents

Sorted by author:

  • getstatic.py (deadbits)
  • getimps.py (deadbits)
  • domain_registrant.py (deadbits)
  • gozi-c2-craft.py (deadbits)
  • malshare_dl.py (deadbits)
  • http_forge.py (deadbits)
  • irc_stealth.py (deadbits)
  • local2splunk.py (deadbits)
  • lookup_dns.py (deadbits)
  • mass_nmap.py (deadbits)
  • maz_slim.py (deadbits)

  • memdump.c (travis montoya)


  • vt-notify.rb (author unknown)
  • binextract.py (author unknown)
  • anubis.py (author unknown)
  • decodebhek.py (author unknown)
  • cifcsv.py (author unknown)
  • magic.py (author unknown)
  • match.py (author unknown)
  • phpdecode.py (author unknown)
  • xorencode.c (author unknown - maybe myself? really don't remember..)
  • xortools.py (author unknown)
  • fake_dns.py (author unknown)


  • atrax-root.py (siph0n)

  • pescanner.py (Michael Ligh)
  • avsubmit.py (Michael Ligh)
  • db-artifacts.py (Michael Ligh)

  • backtrack.py (Alexander Hanel)
  • import_snapshop.py (Alexander Hanel)
  • vt_pyscan.py (Alexander Hanel)

  • AnalyzePE.py (hiddenillusion)
  • IPInfo.py (hiddenillusion)

