875 Open source projects that are alternatives of or similar to Threat Hunting

Malware Sample Sources

Bringing you the best of the worst files on the Internet.

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

🐺 Malware analysis platform

A curated list of awesome YARA rules, tools, and people.

Malware hashes for open source projects.

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Personal research and publication on malware families

Malice Yara Plugin

🐺 Malware analysis platform

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Android app analysis and feature extraction library

Submits multiple domains to VirusTotal API

Defund the Police.

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

A Binary Genetic Traits Lexer Framework

APK/DEX detector for Windows, Linux and MacOS.

Collection of scripts for different malware analysis tasks

Java-layer Android Malware Simplifier

One of the few malware collection

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Malware Machine Learning

Drebin - NDSS 2014 Re-implementation

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

AssemblyLine 4 - File triage and malware analysis

A curated list of awesome resources related to executable packing

A toolkit for Security Researchers

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Malware repository component for samples & static configuration with REST API interface.

Malcom - Malware Communications Analyzer

⛔🛡️ WeDefend - Monitor and Protect Windows from Remote Access Trojan

Community modules for FAME

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

An open source framework for enterprise level automated analysis.

Extract and aggregate threat intelligence.

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

VirusTotal Wanna Be - Now with 100% more Hipster

Collecting IOCs posted on Twitter

Hashes of infamous malware

Binary instrumentation framework based on FRIDA

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Clusters and elements to attach to MISP events or attributes (like threat actors)

DRAKVUF Sandbox - automated hypervisor-level malware analysis system

Android virtual machine and deobfuscator

Modular file scanning/analysis framework

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Collection of malware source code for a variety of platforms in an array of different programming languages.

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

Leaked Linux.Mirai Source Code for Research/IoC Development Purposes

Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).

yarGen is a generator for YARA rules

Malware samples for analysis, researchers, anti-virus and system protection testing.(1300+ Malware-samples!)

WinDBG Anti-RootKit Extension

FAME Automates Malware Evaluation

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.