malware-writeups: Personal research and publication on malware families
Stars: ✭ 104 (-79.41%)
MalwareDatabase: Malware samples for analysis, researchers, anti-virus and system protection testing. (1300+ Malware-samples!)
Stars: ✭ 21 (-95.84%)
aurora: Malware similarity platform with modularity in mind.
Stars: ✭ 70 (-86.14%)
VX-API: Collection of various malicious functionality to aid in malware development
Stars: ✭ 904 (+79.01%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (-43.56%)
Anti-Debugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 297 (-41.19%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (-30.3%)
WeDefend: ⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan
Stars: ✭ 23 (-95.45%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (-86.53%)
Xapkdetector: APK/DEX detector for Windows, Linux and MacOS.
Stars: ✭ 208 (-58.81%)
Phishing.database: Phishing domains, URLs, websites and threats database. We use the PyFunceble testing tool to validate the status of all known phishing domains and provide stats to reveal how many unique domains used for phishing are still active.
Stars: ✭ 296 (-41.39%)
decrypticon: Java-layer Android Malware Simplifier
Stars: ✭ 17 (-96.63%)
Simplify: Android virtual machine and deobfuscator
Stars: ✭ 3,865 (+665.35%)
fame modules: Community modules for FAME
Stars: ✭ 55 (-89.11%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (-35.25%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (-13.07%)
bonomen: BONOMEN - Hunt for Malware Critical Process Impersonation
Stars: ✭ 42 (-91.68%)
Fake-Sandbox-Artifacts: This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malware that looks for VMs or analysis tools
Stars: ✭ 138 (-72.67%)
ioc-fanger: Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space
Stars: ✭ 47 (-90.69%)
Winappdbg: WinAppDbg Debugger
Stars: ✭ 338 (-33.07%)
YAFRA: YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-95.64%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (-40.59%)
jaws: Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post
Stars: ✭ 204 (-59.6%)
Drakvuf Sandbox: DRAKVUF Sandbox - automated hypervisor-level malware analysis system
Stars: ✭ 384 (-23.96%)
Vendor-Threat-Triage-Lookup: Look up file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
Stars: ✭ 17 (-96.63%)
Vxug Papers: Research code & papers from members of vx-underground.
Stars: ✭ 291 (-42.38%)
Wdbgark: WinDBG Anti-RootKit Extension
Stars: ✭ 450 (-10.89%)
memscrimper: Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-95.05%)
Malware Research: Code written as part of our various malware investigations
Stars: ✭ 281 (-44.36%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-94.65%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (-40%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-95.45%)
bluepill: BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)
Stars: ✭ 94 (-81.39%)
Malwaresourcecode: Collection of malware source code for a variety of platforms in an array of different programming languages.
Stars: ✭ 8,666 (+1616.04%)
assemblyline: AssemblyLine 4 - File triage and malware analysis
Stars: ✭ 69 (-86.34%)
MalwareHashDB: Malware hashes for open source projects.
Stars: ✭ 31 (-93.86%)
Malware Jail: Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction. Written for Node.js
Stars: ✭ 349 (-30.89%)
Malware-Zoo: Hashes of infamous malware
Stars: ✭ 18 (-96.44%)
maz: Malware Analysis Zoo
Stars: ✭ 25 (-95.05%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (-44.36%)
Pev: The PE file analysis toolkit
Stars: ✭ 422 (-16.44%)
Drsemu: DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior
Stars: ✭ 237 (-53.07%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (-56.63%)
Coldfire: Golang malware development framework
Stars: ✭ 309 (-38.81%)
pyc2bytecode: A Python bytecode disassembler that helps reverse engineers dissect Python binaries by disassembling and analyzing compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
Stars: ✭ 70 (-86.14%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (-2.18%)
Linux.mirai: Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
Stars: ✭ 466 (-7.72%)
Dex Oracle: A pattern-based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Stars: ✭ 398 (-21.19%)
Polichombr: Collaborative malware analysis framework
Stars: ✭ 307 (-39.21%)
TweetFeed: Collecting IOCs posted on Twitter
Stars: ✭ 181 (-64.16%)