Ir Rescue: A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+80.81%)
Awesome Hacking: Awesome hacking is an awesome collection of hacking tools.
Stars: ✭ 1,802 (+947.67%)
memscrimper: Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Stars: ✭ 25 (-85.47%)
Malconfscan: Volatility plugin that extracts configuration data from known malware
Stars: ✭ 327 (+90.12%)
Artifacts Kit: Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
Stars: ✭ 99 (-42.44%)
Mba: Malware Behavior Analyzer
Stars: ✭ 125 (-27.33%)
Lisa: Sandbox for automated Linux malware analysis.
Stars: ✭ 177 (+2.91%)
Kicomav: KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Stars: ✭ 227 (+31.98%)
Misp Taxonomies: Taxonomies used in the MISP taxonomy system; they can also be used by other information sharing tools.
Stars: ✭ 168 (-2.33%)
Malware: Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Stars: ✭ 156 (-9.3%)
rhino: Agile Sandbox for analyzing Windows, Linux and macOS malware and execution behaviors
Stars: ✭ 49 (-71.51%)
Serpentine: C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
Stars: ✭ 216 (+25.58%)
Binsnitch: Detect silent (unwanted) changes to files on your system
Stars: ✭ 144 (-16.28%)
Cypher: Pythonic ransomware proof of concept.
Stars: ✭ 178 (+3.49%)
Filewatcher: A simple auditing utility for macOS
Stars: ✭ 233 (+35.47%)
Anteater: Anteater - CI/CD Gate Check Framework
Stars: ✭ 174 (+1.16%)
VX-API: Collection of various malicious functionality to aid in malware development
Stars: ✭ 904 (+425.58%)
Ddoor: DDoor - cross platform backdoor using DNS TXT records
Stars: ✭ 168 (-2.33%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+27.33%)
Flare Floss: FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Stars: ✭ 2,020 (+1074.42%)
Kernel-dll-injector: Kernel-Mode Driver that loads a dll into every newly created process that loads the kernel32.dll module
Stars: ✭ 256 (+48.84%)
Pafish: Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: ✭ 2,026 (+1077.91%)
Open Myrtus: RCEed version of computer malware / rootkit MyRTUs / Stuxnet.
Stars: ✭ 208 (+20.93%)
Networm: Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-21.51%)
Amsiscanner: A C/C++ implementation of Microsoft's Antimalware Scan Interface
Stars: ✭ 134 (-22.09%)
Memtriage: Allows you to quickly query a Windows machine for RAM artifacts
Stars: ✭ 200 (+16.28%)
Threadboat: Program uses Thread Execution Hijacking to inject native shellcode into a standard Win32 application
Stars: ✭ 132 (-23.26%)
Php Antimalware Scanner: AMWScan (PHP Antimalware Scanner) is a free tool to scan PHP files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (+5.23%)
Malware Samples: Malware samples, analysis exercises and other interesting resources.
Stars: ✭ 241 (+40.12%)
Trisis Triton Hatman: Repository containing original and decompiled files of TRISIS/TRITON/HATMAN malware
Stars: ✭ 178 (+3.49%)
prowler: Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+4577.91%)
Energizedprotection: A merged collection of hosts from reputable sources. #StayEnergized!
Stars: ✭ 175 (+1.74%)
Elfparser: Cross Platform ELF analysis
Stars: ✭ 228 (+32.56%)
Evasions: Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
Stars: ✭ 173 (+0.58%)
Nginx Ultimate Bad Bot Blocker: Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Stars: ✭ 2,351 (+1266.86%)
Antidebugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (-6.4%)
FIDL: A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+144.77%)
Goat: 🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
Stars: ✭ 218 (+26.74%)
Docker Misp: Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (-13.95%)
IAT API: Assembly block for finding and calling the Windows API functions inside the import address table (IAT) of the running PE file.
Stars: ✭ 63 (-63.37%)
Blocklist Ipsets: ipsets dynamically updated with firehol's update-ipsets.sh script
Stars: ✭ 2,011 (+1069.19%)
Botnets: This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
Stars: ✭ 2,523 (+1366.86%)
Sheep Wolf: Wolves Among the Sheep
Stars: ✭ 138 (-19.77%)
Runpe In Memory: Run an Exe file (PE module) in memory (like an application loader)
Stars: ✭ 249 (+44.77%)
Ypsilon: Automated Use Case Testing
Stars: ✭ 135 (-21.51%)
Telegram Rat: Windows Remote Administration Tool via Telegram. Written in Python
Stars: ✭ 201 (+16.86%)
Uitkyk: Runtime memory analysis framework to identify Android malware
Stars: ✭ 133 (-22.67%)
CCXDigger: The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (-73.84%)
Practicalmalwarelabs: Keep track of the labs from the book "Practical Malware Analysis"
Stars: ✭ 130 (-24.42%)
Process doppelganging: My implementation of enSilo's Process Doppelganging (PE injection technique)
Stars: ✭ 198 (+15.12%)
Ergo Pe Av: 🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
Stars: ✭ 130 (-24.42%)
Mass Rat: Basic Multiplatform Remote Administration Tool - Xamarin
Stars: ✭ 127 (-26.16%)
Threat Intel: Archive of publicly available threat intel reports (mostly APT reports but not limited to).
Stars: ✭ 252 (+46.51%)
Qiling: Qiling Advanced Binary Emulation Framework
Stars: ✭ 2,816 (+1537.21%)
Deathransom: A ransomware developed in Python, with bypass techniques, for educational purposes.
Stars: ✭ 126 (-26.74%)
Awesome Hacking Resources: A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+6566.28%)