awesome-malware-analysis (138)

Subscribe

AbertayMachineLearningGroup/CryptoKnight

github.com

Cryptographic Dataset Generation & Modelling Framework

cryptography deep-learning deep-neural-networks machine-learning python
- Add
1
tomchop/malcom

github.com

Malcom - Malware Communications Analyzer

malware network-traffic pcap python repository
- Add
1
idaholab/Malcolm

github.com

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts...
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.

python repository
- Add
1
fireeye/flare-fakenet-ng

github.com

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

fakenet-ng fireeye-flare malware-analysis python repository
- Add
1
phdphuc/mac-a-mal

github.com

repository
- Add
1
crypto2011/IDR

github.com

Interactive Delphi Reconstructor

c++ repository
- Add
1
NationalSecurityAgency/ghidra

github.com

Ghidra is a software reverse engineering (SRE) framework

disassembler java repository reverse-engineering software-analysis
- Add
2
unipacker/unipacker

github.com

Automatic and platform-independent unpacker for Windows binaries based on emulation

pefile python repository reverse-engineering unpacker
- Add
1
CapacitorSet/box-js

github.com

A tool for studying JavaScript malware.

es6 javascript malware malwareanalysis nodejs
- Add
1
maliceio/malice

github.com

VirusTotal Wanna Be - Now with 100% more Hipster

docker go infosec malice malware
- Add
1
nbeede/BoomBox

github.com

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

powershell repository
- Add
1
uppusaikiran/yara-finder

github.com

Simple tool to find the yara matches on a file

malware malware-analysis python repository yara
- Add
1
katjahahn/PortEx

github.com

Java library to analyse Portable Executable files with a special focus on malware analysis and PE...
Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

java repository
- Add
1
silascutler/MalPipe

github.com

Malware/IOC ingestion and processing engine

python repository
- Add
1
onlurking/awesome-infosec

github.com

A curated list of awesome infosec courses and training resources.

courses infosec penetration-testing pentest
- Add
1
hslatman/awesome-industrial-control-system-security

github.com

A curated list of resources related to Industrial Control System (ICS) security.

python
- Add
1
cugu/awesome-forensics

github.com

A curated list of awesome forensic analysis tools and resources

computer-forensics dfir digital-forensics forensic-analysis
- Add
1
paragonie/awesome-appsec

github.com

A curated list of resources for learning about application security

application-security curated php reading-list security
- Add
1
endgameinc/ember

github.com

jupyter notebook
- Add
1
aptnotes/data

github.com

APTnotes data

analysis apt malware
- Add
1
corkami/pics

github.com

Posters, drawings...

assembly
- Add
1
a0rtega/pafish

github.com

Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in...
Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.

analysis-environments c malware malware-families reverse-engineering
- Add
1
uppusaikiran/malware-organiser

github.com

A simple tool to organise large malicious/benign files into a organised Structure.

clean-file malicious malware malware-analysis malware-research
- Add
1
misterch0c/malSploitBase

github.com

Malware exploits
- Add
1
LordNoteworthy/al-khaser

github.com

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

anti-analysis anti-debugging anti-emulation anti-sandbox anti-vm
- Add
1
ANSSI-FR/polichombr

github.com

Collaborative malware analysis framework

ida idapro malware-analysis malware-research python
- Add
1
Defense-Cyber-Crime-Center/DC3-MWCP

github.com

python
- Add
1
fireeye/flare-vm

github.com

powershell
- Add
1
sroberts/malwarehouse

github.com

A warehouse for your malware

python
- Add
1
williballenthin/python-evt

github.com

Pure Python parser for classic Windows Event Log files (.evt)

python
- Add
1
merces/aleph

github.com

An Open Source Malware Analysis Pipeline System

css
- Add
1
keydet89/RegRipper2.8

github.com

RegRipper version 2.8

perl
- Add
1
swwwolf/wdbgark

github.com

WinDBG Anti-RootKit Extension

c++ c-plus-plus kernel-mode malware malware-analysis
- Add
1
OMENScan/AChoir

github.com

Windows Live Artifacts Acquisition Script

c++
- Add
1
kevthehermit/VolUtility

github.com

Web App for Volatility framework

python
- Add
1
ShaneK2/inVtero.net

github.com

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities....
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

c# forensics hypervisor memory-dump memory-hacking
- Add
1
ytisf/muninn

github.com

A short and small memory forensics helper.

memory-forensics python volatility
- Add
1
aim4r/VolDiff

github.com

VolDiff: Malware Memory Footprint Analysis based on Volatility

python
- Add
1
sketchymoose/TotalRecall

github.com

Based on the Volatility framework, this script will run various plugins as well as create a...
Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to find badness.

python
- Add
1
504ensicsLabs/DAMM

github.com

Differential Analysis of Malware in Memory

python
- Add
1
ch3k1/squidmagic

github.com

analyze a web-based network traffic to detect central command and control servers

incident-response network-traffic proxy-server python squid
- Add
1
RamadhanAmizudin/python-icap-yara

github.com

An ICAP Server with yara scanner for URL and content.

icap icap-server malware-analysis python squid-proxy
- Add
1
JamesHabben/evolve

github.com

Web interface for the Volatility Memory Forensics Framework

javascript
- Add
1
mateuszk87/PcapViz

github.com

Visualize network topologies and collect graph statistics based on pcap files

network-topology pcap python security-tools
- Add
1
stamparm/maltrail

github.com

Malicious traffic detection system

heuristics intrusion-detection malware python security
- Add
1
jpr5/ngrep

github.com

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows...
ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF f…

c grepping sniffer
- Add
1
jbremer/httpreplay

github.com

Replay HTTP and HTTPS requests from a PCAP based on TLS Master Secrets.

python
- Add
1
MITRECND/chopshop

github.com

Protocol Analysis/Decoder Framework

python
- Add
1
lmco/laikaboss

github.com

Laika BOSS: Object Scanning System

python
- Add
1
pjlantz/Hale

github.com

Botnet command & control monitor

python
- Add
1