Drltrace: Drltrace is a library-call tracer for Windows and Linux applications. Stars: 282 (+1310%)
WeDefend: ⛔🛡️ WeDefend - Monitor and protect Windows from Remote Access Trojans. Stars: 23 (+15%)
Medusa: Binary instrumentation framework based on FRIDA. Stars: 258 (+1190%)
Apkid: Android Application Identifier for packers, protectors, obfuscators and oddities - PEiD for Android. Stars: 999 (+4895%)
Malware-Detection: Deep-learning-based Android malware detection framework. Stars: 29 (+45%)
assemblyline: AssemblyLine 4 - File triage and malware analysis. Stars: 69 (+245%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people. Stars: 1,394 (+6870%)
yara: Malice YARA plugin. Stars: 27 (+35%)
Apklab: Android reverse-engineering workbench for VS Code. Stars: 470 (+2250%)
Drsemu: DrSemu - Sandboxed malware detection and classification tool based on dynamic behavior. Stars: 237 (+1085%)
Xapkdetector: APK/DEX detector for Windows, Linux and macOS. Stars: 208 (+940%)
malware-persistence: Collection of malware persistence and hunting information. Be a persistent persistence hunter! Stars: 109 (+445%)
Apkfile: Android app analysis and feature extraction library. Stars: 190 (+850%)
Stoq: An open source framework for enterprise-level automated analysis. Stars: 352 (+1660%)
Nauz File Detector: Linker/compiler/tool detector for Windows, Linux and macOS. Stars: 146 (+630%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research. Stars: 219 (+995%)
Malware Feed: Bringing you the best of the worst files on the Internet. Stars: 69 (+245%)
Fcl: FCL (Fileless Command Lines) - Known command lines of fileless malicious executions. Stars: 409 (+1945%)
Drebin: Drebin - NDSS 2014 re-implementation. Stars: 52 (+160%)
mobileAudit: Django application that performs SAST and malware analysis for Android APKs. Stars: 140 (+600%)
malware-writeups: Personal research and publications on malware families. Stars: 104 (+420%)
stringsifter: A machine learning tool that ranks strings based on their relevance for malware analysis. Stars: 567 (+2735%)
assemblyline client: Python client for Assemblyline 3 and 4. Stars: 19 (-5%)
xLogger: Simple Windows API logger. Stars: 62 (+210%)
malwinx: Just a normal Flask web app to understand the Win32 API, with code snippets and references. Stars: 76 (+280%)
speakeasy: Windows kernel and user mode emulation. Stars: 1,017 (+4985%)
SuperLibrary: Information security library. Stars: 60 (+200%)
bluepill: BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020). Stars: 94 (+370%)
bazaar: Android security & privacy analysis for the masses. Stars: 191 (+855%)
xray: Hex-Rays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions. Stars: 97 (+385%)
malware-prediction-rnn: RNN implementation with Keras for machine activity data to predict malware. Stars: 35 (+75%)
learning-malware-analysis: This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to handle live malware. Stars: 124 (+520%)
adv-dnn-ens-malware: Adversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensembles, Android malware variants. Stars: 33 (+65%)
ML-Antivirus: An antivirus powered by machine learning. Stars: 32 (+60%)
assemblyline-core: Core server components for Assemblyline 4 (alerter, dispatcher, expiry, ingester, scaler, updater, ...). Stars: 16 (-20%)
pftriage: Python tool and library to help analyze files during malware triage and analysis. Stars: 77 (+285%)
REW-sploit: Emulate and dissect MSF and *other* attacks. Stars: 115 (+475%)
telfhash: Symbol hash for ELF files. Stars: 75 (+275%)
toolkit: The essential toolkit for reversing, malware analysis, and cracking. Stars: 176 (+780%)
vminspect: Tools for inspecting disk images. Stars: 25 (+25%)
Rat-Hunter: Detect trojans the easy way 🛡️. Stars: 24 (+20%)
emerald: Import DynamoRIO drcov code coverage data into Ghidra. Stars: 30 (+50%)
malhunt: Hunt malware with Volatility. Stars: 30 (+50%)
Guanciale: 🥓 Grab info needed by Carbonara from executables and disassembler databases. Stars: 14 (-30%)
Practical Malware Analysis: Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski. Stars: 16 (-20%)
bonomen: BONOMEN - Hunt for malware critical-process impersonation. Stars: 42 (+110%)
antimalwareapp: Anti-malware for Android using machine learning. Stars: 206 (+930%)
Batch-Antivirus: Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristic scanning. Stars: 26 (+30%)
cheatsheet: These are some of the commands which I use frequently during malware analysis and DFIR. Stars: 23 (+15%)
aparoid: Static and dynamic Android application security analysis. Stars: 62 (+210%)