A collection of resources if you want to get into malware research. Pull requests are very welcome.
☆124Mar 28, 2019Updated 7 years ago
Alternatives and similar repositories for malware-analysis-resources
Users that are interested in malware-analysis-resources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals.☆19Aug 29, 2021Updated 4 years ago
- ☆17Aug 24, 2020Updated 5 years ago
- ☆14Jun 5, 2019Updated 6 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated 2 years ago
- A Wordpress exploitation toolkit☆15Nov 22, 2017Updated 8 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Imphash-like calculation on Golang binaries☆50Jul 2, 2022Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 5 months ago
- This repository contains a mindmap for different techniques for using Censys Search☆15Sep 17, 2025Updated 7 months ago
- Links or additional data to some researches☆14May 24, 2019Updated 6 years ago
- Yara matching in ElasticSearch.☆10Jun 12, 2018Updated 7 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- JPCERT/CC public YARA rules repository☆111Mar 9, 2026Updated last month
- ncurses shellcode/instructions tester using unicorn-engine☆13Feb 1, 2025Updated last year
- ☆13Aug 11, 2018Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Binary Ninja plugin for interacting with the OALabs HashDB service☆21Nov 1, 2024Updated last year
- Malicious URLs and IP Addresses compiled by USOM (Computer Emergency Response Team of Turkey), updated once a day.☆22Apr 21, 2026Updated last week
- Extracts Azure authentication tokens from PowerShell process minidumps.☆25May 20, 2023Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Mar 1, 2023Updated 3 years ago
- Work in Progress repo☆16Apr 18, 2019Updated 7 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- ☆12Jun 22, 2022Updated 3 years ago
- easily upgrade any TCP Socket class to a WebSocket implementation including streaming deflate☆17Dec 23, 2025Updated 4 months ago
- Windows PDB Parser using Imagehlp library.☆16Sep 16, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Top domains list generated by Webshrinker and DNSFilter☆17Sep 30, 2024Updated last year
- Field guide to gather low-hanging fruits☆15Mar 20, 2025Updated last year
- This repo contain Android malware samples and analysis☆13Apr 3, 2021Updated 5 years ago
- Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As…☆34Jun 29, 2021Updated 4 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 6 years ago
- 🔍 gowitness - a golang, web screenshot utility using Chrome Headless☆13May 31, 2019Updated 6 years ago
- Links to VeteranSec Resources☆12May 18, 2020Updated 5 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆65Dec 18, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A C# based tool for analysing malicious OneNote documents☆118Apr 4, 2023Updated 3 years ago
- An Internet-Draft for the Balloon Key Derivation Function (BKDF), a memory-hard password hashing and password-based key derivation functi…☆11Jun 29, 2025Updated 10 months ago
- ☆22Aug 29, 2024Updated last year
- Event Trace Log file parser in pure Python☆151Nov 27, 2020Updated 5 years ago
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 5 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Jun 11, 2020Updated 5 years ago