A collection of resources if you want to get into malware research. Pull requests are very welcome.
☆122Mar 28, 2019Updated 7 years ago
Alternatives and similar repositories for malware-analysis-resources
Users that are interested in malware-analysis-resources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals.☆19Aug 29, 2021Updated 4 years ago
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.☆14Sep 7, 2021Updated 4 years ago
- ☆17Aug 24, 2020Updated 5 years ago
- ☆15Jun 5, 2019Updated 6 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A Wordpress Exploitation Toolkit☆15Nov 22, 2017Updated 8 years ago
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago
- This repository contains a mindmap for different techniques for using Censys Search☆15Sep 17, 2025Updated 6 months ago
- Links or additional data to some researches☆14May 24, 2019Updated 6 years ago
- Yara matching in ElasticSearch.☆10Jun 12, 2018Updated 7 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- JPCERT/CC public YARA rules repository☆110Mar 9, 2026Updated last month
- ncurses shellcode/instructions tester using unicorn-engine☆13Feb 1, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Binary Ninja plugin for interacting with the OALabs HashDB service☆21Nov 1, 2024Updated last year
- Malicious URLs and IP Addresses compiled by USOM (Computer Emergency Response Team of Turkey), updated once a day.☆22Apr 1, 2026Updated last week
- Extracts Azure authentication tokens from PowerShell process minidumps.☆25May 20, 2023Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Mar 1, 2023Updated 3 years ago
- Work in Progress repo☆16Apr 18, 2019Updated 6 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- A collection of my reverse engineering and malware analysis write-ups☆21Dec 11, 2020Updated 5 years ago
- Signature libraries for Binary Ninja☆16Mar 18, 2020Updated 6 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- easily upgrade any TCP Socket class to a WebSocket implementation including streaming deflate☆17Dec 23, 2025Updated 3 months ago
- Windows PDB Parser using Imagehlp library.☆16Sep 16, 2022Updated 3 years ago
- Top domains list generated by Webshrinker and DNSFilter☆17Sep 30, 2024Updated last year
- Field guide to gather low-hanging fruits☆14Mar 20, 2025Updated last year
- This repo contain Android malware samples and analysis☆13Apr 3, 2021Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- 🔍 gowitness - a golang, web screenshot utility using Chrome Headless☆13May 31, 2019Updated 6 years ago
- Links to VeteranSec Resources☆12May 18, 2020Updated 5 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆65Dec 18, 2024Updated last year
- A C# based tool for analysing malicious OneNote documents☆117Apr 4, 2023Updated 3 years ago
- An Internet-Draft for the Balloon Key Derivation Function (BKDF), a memory-hard password hashing and password-based key derivation functi…☆11Jun 29, 2025Updated 9 months ago
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- ☆22Aug 29, 2024Updated last year
- Event Trace Log file parser in pure Python☆150Nov 27, 2020Updated 5 years ago
- ProcDot Malware Sandbox☆26Jul 28, 2025Updated 8 months ago