A collection of resources if you want to get into malware research. Pull requests are very welcome.
☆125Mar 28, 2019Updated 7 years ago
Alternatives and similar repositories for malware-analysis-resources
Users that are interested in malware-analysis-resources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals.☆19Aug 29, 2021Updated 4 years ago
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.☆14Sep 7, 2021Updated 4 years ago
- ☆14Jun 5, 2019Updated 6 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated 2 years ago
- A Wordpress exploitation toolkit☆15Nov 22, 2017Updated 8 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Imphash-like calculation on Golang binaries☆50Jul 2, 2022Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 6 months ago
- This repository contains a mindmap for different techniques for using Censys Search☆15Sep 17, 2025Updated 8 months ago
- Links or additional data to some researches☆14May 24, 2019Updated 7 years ago
- Yara matching in ElasticSearch.☆10Jun 12, 2018Updated 7 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- IDA Terminal☆19Feb 27, 2026Updated 2 months ago
- JPCERT/CC public YARA rules repository☆111Mar 9, 2026Updated 2 months ago
- ncurses shellcode/instructions tester using unicorn-engine☆13Feb 1, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆13Aug 11, 2018Updated 7 years ago
- Binary Ninja plugin for interacting with the OALabs HashDB service☆21Nov 1, 2024Updated last year
- Malicious URLs and IP Addresses compiled by USOM (Computer Emergency Response Team of Turkey), updated once a day.☆22May 19, 2026Updated last week
- Extracts Azure authentication tokens from PowerShell process minidumps.☆25May 20, 2023Updated 3 years ago
- Work in Progress repo☆16Apr 18, 2019Updated 7 years ago
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆37Mar 24, 2025Updated last year
- ☆12Jun 22, 2022Updated 3 years ago
- easily upgrade any TCP Socket class to a WebSocket implementation including streaming deflate☆17Dec 23, 2025Updated 5 months ago
- Top domains list generated by Webshrinker and DNSFilter☆17Sep 30, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As…☆34Jun 29, 2021Updated 4 years ago
- A Virtual World Platform for the future☆10Nov 13, 2023Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 6 years ago
- pwndbg configuration to use tmux panes☆14Jan 15, 2025Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆65Dec 18, 2024Updated last year
- A C# based tool for analysing malicious OneNote documents☆119Apr 4, 2023Updated 3 years ago
- An Internet-Draft for the Balloon Key Derivation Function (BKDF), a memory-hard password hashing and password-based key derivation functi…☆11Jun 29, 2025Updated 10 months ago
- Proof-of-concept modular implant platform leveraging v8☆55Mar 4, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆22Aug 29, 2024Updated last year
- Event Trace Log file parser in pure Python☆153Updated this week
- ProcDot Malware Sandbox☆26Jul 28, 2025Updated 9 months ago
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 5 years ago
- Whole Feedbin stack in a container.☆31Updated this week
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Jun 11, 2020Updated 5 years ago