This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
☆686Jul 6, 2024Updated last year
Alternatives and similar repositories for learning-malware-analysis
Users that are interested in learning-malware-analysis are comparing it to the libraries listed below
Sorting:
- This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.☆745Nov 30, 2025Updated 3 months ago
- Malware samples, analysis exercises and other interesting resources.☆1,621Jan 13, 2024Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆172Jul 20, 2024Updated last year
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,890Updated this week
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…☆3,645Mar 11, 2026Updated last week
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆16Apr 10, 2024Updated last year
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆454Feb 18, 2026Updated last month
- Awesome list of keywords and artifacts for Threat Hunting sessions☆648Aug 4, 2025Updated 7 months ago
- A list of cyber-chef recipes and curated links☆2,195Jun 14, 2024Updated last year
- Free training course offered at Hack Space Con 2023☆138Apr 13, 2023Updated 2 years ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,931Jan 20, 2026Updated 2 months ago
- A resource containing all the tools each ransomware gangs uses☆1,329Updated this week
- ☆164Mar 4, 2025Updated last year
- EDR Lab for Experimentation Purposes☆1,422Mar 1, 2026Updated 2 weeks ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,438Updated this week
- PoCs and tools for investigation of Windows process execution techniques☆954Feb 2, 2026Updated last month
- Hardcore Debugging☆935Jan 6, 2026Updated 2 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆202Jul 3, 2024Updated last year
- Some of my publicly available Malware analysis and Reverse engineering.☆940Jun 3, 2024Updated last year
- PowerShell Digital Forensics & Incident Response Scripts.☆778Jan 14, 2026Updated 2 months ago
- Labs for Practical Malware Analysis & Triage☆1,091Feb 23, 2026Updated 3 weeks ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,828Nov 3, 2024Updated last year
- A workshop about Malware Development☆1,771Jun 2, 2023Updated 2 years ago
- Malware Configuration And Payload Extraction☆3,082Updated this week
- Windows kernel and user mode emulation.☆1,896Mar 12, 2026Updated last week
- ☆512Oct 7, 2024Updated last year
- Materials for Windows Malware Analysis training (volume 1)☆2,027Jul 1, 2024Updated last year
- ReversingLabs YARA Rules☆900Nov 3, 2025Updated 4 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- This is a repository of resource about Malware techniques☆825Apr 8, 2023Updated 2 years ago
- A not so awesome list of malware gems for aspiring malware analysts☆828Feb 7, 2023Updated 3 years ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,062Feb 24, 2026Updated 3 weeks ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,151Dec 19, 2025Updated 3 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆701Oct 22, 2025Updated 4 months ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,405Nov 7, 2024Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆383Dec 9, 2022Updated 3 years ago
- Awesome Security lists for SOC/CERT/CTI☆1,277Mar 14, 2026Updated last week
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,255Updated this week
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆485Apr 17, 2025Updated 11 months ago