200 Open source projects that are alternatives of or similar to FinSpy-for-Android

A command line tool to find malwares on http://openmalware.org

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

Various analysis of Android stalkerware

APK/DEX detector for Windows, Linux and MacOS.

Distributed malware processing framework based on Python, Redis and MinIO.

ssdeep cluster analysis for malware files

Advanced and easy to use penetration testing framework 💣🔎

🥓 Grab info needed by Carbonara from executables and disassemblers databases

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

Don't Just Search OSINT. Sweep It.

A repository of my completed writeups, along with the samples themselves.

Static and dynamic Android application security analysis

Cmulator is ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript

The essential toolkit for reversing, malware analysis, and cracking

Program for determining types of files for Windows, Linux and MacOS.

Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).

A bunch of Windows anti-debugging tricks for x86 and x64.

This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

No description or website provided.

Detect silent (unwanted) changes to files on your system

BONOMEN - Hunt for Malware Critical Process Impersonation

Toolkit for enriching and speeding up static malware analysis

DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior

UNIX-like reverse engineering framework and command-line toolset

Malware repository component for samples & static configuration with REST API interface.

These are some of the commands which I use frequently during Malware Analysis and DFIR.

Personal compilation of APT malware from whitepaper releases, documents and own research

Symbol hash for ELF files

Authors

Hashes of infamous malware

Ghidra Analysis Enhancer 🐉

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

Android app analysis and feature extraction library

pwn & ctf tools for windows

Endpoint detection & Malware analysis software

Import DynamoRIO drcov code coverage data into Ghidra

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

Sandbox for automated Linux malware analysis.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Free Malware Training Datasets for Machine Learning

Kernel-Mode Driver that loads a dll into every new created process that loads kernel32.dll module

This project aims at simplifying Windows API import recovery on arbitrary memory dumps

AssemblyLine 4 - File triage and malware analysis

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

An open source script to perform malware static analysis on Portable Executable

Set of functions to increase productivity while hacking with Bash

Malware Sample Sources

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.

A Python library and command line tools to provide interactive log visualization.

A curated list of awesome resources related to executable packing

Simple No-meaning Assembly Omitter for IDA Pro (This is just a prototype)

Simple windows API logger

Information Security Library

Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)

⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan

.NET runtime inspector