Blackweb: Domains Blocklist for Squid-Cache
Stars: ✭ 189 (+23.53%)
Evasions: Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
Stars: ✭ 173 (+13.07%)
Threat Intel: Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
Stars: ✭ 252 (+64.71%)
Telegram Rat: Windows Remote Administration Tool via Telegram. Written in Python
Stars: ✭ 201 (+31.37%)
Docker Misp: Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Stars: ✭ 148 (-3.27%)
FIDL: A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+175.16%)
Trisis Triton Hatman: Repository containing original and decompiled files of TRISIS/TRITON/HATMAN malware
Stars: ✭ 178 (+16.34%)
malware api class: Malware dataset for security researchers, data scientists. Public malware dataset generated by Cuckoo Sandbox based on Windows OS API calls analysis for cyber security researchers
Stars: ✭ 134 (-12.42%)
Antidebugging: A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Stars: ✭ 161 (+5.23%)
Elfparser: Cross Platform ELF analysis
Stars: ✭ 228 (+49.02%)
Botnets: This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
Stars: ✭ 2,523 (+1549.02%)
Sheep Wolf: Wolves Among the Sheep
Stars: ✭ 138 (-9.8%)
Kernel-dll-injector: Kernel-Mode Driver that loads a dll into every newly created process that loads kernel32.dll module
Stars: ✭ 256 (+67.32%)
Process doppelganging: My implementation of enSilo's Process Doppelganging (PE injection technique)
Stars: ✭ 198 (+29.41%)
Php Antimalware Scanner: AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.
Stars: ✭ 181 (+18.3%)
Runpe In Memory: Run an Exe File (PE Module) in memory (like an Application Loader)
Stars: ✭ 249 (+62.75%)
Energizedprotection: A merged collection of hosts from reputable sources. #StayEnergized!
Stars: ✭ 175 (+14.38%)
binary-auditing-solutions: Learn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Stars: ✭ 61 (-60.13%)
Nginx Ultimate Bad Bot Blocker: Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Stars: ✭ 2,351 (+1436.6%)
Malware Samples: Malware samples, analysis exercises and other interesting resources.
Stars: ✭ 241 (+57.52%)
DFIR Resources REvil Kaseya: Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
Stars: ✭ 172 (+12.42%)
Blocklist Ipsets: ipsets dynamically updated with firehol's update-ipsets.sh script
Stars: ✭ 2,011 (+1214.38%)
Serpentine: C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
Stars: ✭ 216 (+41.18%)
Networm: Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-11.76%)
Open Myrtus: RCEed version of computer malware / rootkit MyRTUs / Stuxnet.
Stars: ✭ 208 (+35.95%)
mkpoly: A simple polymorphic engine
Stars: ✭ 28 (-81.7%)
Memtriage: Allows you to quickly query a Windows machine for RAM artifacts
Stars: ✭ 200 (+30.72%)
VX-API: Collection of various malicious functionality to aid in malware development
Stars: ✭ 904 (+490.85%)
Qiling: Qiling Advanced Binary Emulation Framework
Stars: ✭ 2,816 (+1740.52%)
ioc-fanger: Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space.
Stars: ✭ 47 (-69.28%)
Unified Hosts Autoupdate: Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.
Stars: ✭ 185 (+20.92%)
rhino: Agile Sandbox for analyzing Windows, Linux and macOS malware and execution behaviors
Stars: ✭ 49 (-67.97%)
Cypher: Pythonic ransomware proof of concept.
Stars: ✭ 178 (+16.34%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+83.66%)
Lisa: Sandbox for automated Linux malware analysis.
Stars: ✭ 177 (+15.69%)
Anteater: Anteater - CI/CD Gate Check Framework
Stars: ✭ 174 (+13.73%)
Malware-Collection: Source codes of malwares, stress tests etc. for computer.
Stars: ✭ 27 (-82.35%)
Misp Taxonomies: Taxonomies used in MISP taxonomy system and can be used by other information sharing tools.
Stars: ✭ 168 (+9.8%)
Pepper: An open source script to perform malware static analysis on Portable Executable
Stars: ✭ 250 (+63.4%)
Ddoor: DDoor - cross platform backdoor using dns txt records
Stars: ✭ 168 (+9.8%)
mirai: The Mirai malware modified for use on NCL/a virtual/simulated environment.
Stars: ✭ 32 (-79.08%)
Malware: Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
Stars: ✭ 156 (+1.96%)
Filewatcher: A simple auditing utility for macOS
Stars: ✭ 233 (+52.29%)
Flare Floss: FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Stars: ✭ 2,020 (+1220.26%)
unprotect: Unprotect is a Python tool for parsing PE malware and extracting evasion techniques.
Stars: ✭ 75 (-50.98%)
Binsnitch: Detect silent (unwanted) changes to files on your system
Stars: ✭ 144 (-5.88%)
Kicomav: KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.
Stars: ✭ 227 (+48.37%)
Pafish: Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: ✭ 2,026 (+1224.18%)
IAT API: Assembly block for finding and calling the Windows API functions inside import address table (IAT) of the running PE file.
Stars: ✭ 63 (-58.82%)
Threat Hunting: Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+43.14%)
kiteshield: Packer/Protector for x86-64 ELF binaries on Linux
Stars: ✭ 71 (-53.59%)
Malware-Zoo: Hashes of infamous malware
Stars: ✭ 18 (-88.24%)
Orca: Advanced Malware with multifeatures written in ASM/C/C++, work on all windows versions! (uncompleted)
Stars: ✭ 184 (+20.26%)
Umbra: An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
Stars: ✭ 98 (-35.95%)
Goat: 🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
Stars: ✭ 218 (+42.48%)