289 Open source projects that are alternatives of or similar to Malware-Detection-Tools

Binary instrumentation framework based on FRIDA

The repository contains the python implementation of the Android Malware Detection paper: "Empirical assessment of machine learning-based malware detectors for Android: Measuring the Gap between In-the-Lab and In-the-Wild Validation Scenarios"

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Drltrace is a library calls tracer for Windows and Linux applications.

Defund the Police.

Malware Sample Sources

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

A hackable malware sandbox for the 21st Century

Personal compilation of APT malware from whitepaper releases, documents and own research

Personal research and publication on malware families

AssemblyLine 4 - File triage and malware analysis

DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior

Android app analysis and feature extraction library

Droidefense: Advance Android Malware Analysis Framework

Bringing you the best of the worst files on the Internet.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Setup scripts for my Malware Analysis VMs

Android Reverse-Engineering Workbench for VS Code

Malice Yara Plugin

Drebin - NDSS 2014 Re-implementation

APK/DEX detector for Windows, Linux and MacOS.

A curated list of awesome YARA rules, tools, and people.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.

⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan

Submits multiple domains to VirusTotal API

Static and dynamic Android application security analysis

An open source framework for enterprise level automated analysis.

Android malware detection using static and dynamic analysis

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Anti-Malware for minecraft

A graph-based static-dynamic hybrid DEX code analysis tool

RNN implementation with Keras for machine activity data to predict malware

A Binary Genetic Traits Lexer Framework

Talvos is a dynamic-analysis framework and debugger for Vulkan/SPIR-V programs.

The radare2 + frida book for Mobile Application assessment

Intentionally vulnerable Android application.

Deep Learning Based Android Malware Detection Framework

TIRO - A hybrid iterative deobfuscation framework for Android applications

FinSpy for Android technical analysis and tools

Stash for Binary Exploitation and Reverse Engineering Resources

Find exploitable PHP files by parameter fuzzing and function call tracing

Write-ups for FireEye's FLARE-On challenges

adversarial examples, adversarial malware examples, adversarial malware detection, adversarial deep ensemble, Android malware variants

Tool for detecting violations of ordering axioms in qsort/bsearch callbacks.

Emulate and Dissect MSF and *other* attacks

Simple windows API logger

Information Security Library

OLE Package Format Documentation

Tools for inspecting disk images

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.

Community modules for FAME

An antivirus powered by machine learning.

MultiAV scanner with Python and JSON REST API using Malice Docker AV Containers and Docker-Machine based Autoscaling

Hexrays decompiler plugin that colorizes and filters the decompiler's output based on regular expressions

Extract OLEv1 objects from RTF files by instrumenting Word

Materials for a course based on the Practical Malware Analysis text by Andrew Honig and Michael Sikorski

Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)