This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
☆696Jul 6, 2024Updated last year
Alternatives and similar repositories for learning-malware-analysis
Users that are interested in learning-malware-analysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.☆762Nov 30, 2025Updated 6 months ago
- Malware samples, analysis exercises and other interesting resources.☆1,639Jan 13, 2024Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆174Jul 20, 2024Updated last year
- The FLARE team's open-source tool to identify capabilities in executable files.☆6,041Updated this week
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆16Apr 10, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, M…☆3,861Jun 2, 2026Updated last week
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆468Feb 18, 2026Updated 3 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆658Aug 4, 2025Updated 10 months ago
- A list of cyber-chef recipes and curated links☆2,205Jun 14, 2024Updated last year
- Free training course offered at Hack Space Con 2023☆138Apr 13, 2023Updated 3 years ago
- A resource containing all the tools each ransomware gangs uses☆1,385May 26, 2026Updated 2 weeks ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,965May 17, 2026Updated 3 weeks ago
- ☆168Mar 4, 2025Updated last year
- EDR Lab for Experimentation Purposes☆1,453Mar 1, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,746Apr 28, 2026Updated last month
- PoCs and tools for investigation of Windows process execution techniques☆960Feb 2, 2026Updated 4 months ago
- Hardcore Debugging☆941Apr 9, 2026Updated 2 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆202Jul 3, 2024Updated last year
- Some of my publicly available Malware analysis and Reverse engineering.☆952Jun 3, 2024Updated 2 years ago
- PowerShell Digital Forensics & Incident Response Scripts.☆796May 26, 2026Updated 2 weeks ago
- Materials for Windows Malware Analysis training (volume 1)☆2,081Jul 1, 2024Updated last year
- Labs for Practical Malware Analysis & Triage☆1,128Mar 29, 2026Updated 2 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,864Nov 3, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A workshop about Malware Development☆1,790Jun 2, 2023Updated 3 years ago
- Malware Configuration And Payload Extraction☆3,251Updated this week
- Windows kernel and user mode emulation.☆1,983May 21, 2026Updated 2 weeks ago
- ☆508Oct 7, 2024Updated last year
- ReversingLabs YARA Rules☆918Nov 3, 2025Updated 7 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,191May 28, 2026Updated last week
- A not so awesome list of malware gems for aspiring malware analysts☆830Feb 7, 2023Updated 3 years ago
- This is a repository of resource about Malware techniques☆857Apr 8, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆717May 2, 2026Updated last month
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,208Jun 3, 2026Updated last week
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,410Nov 7, 2024Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆384Dec 9, 2022Updated 3 years ago
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆486Apr 17, 2025Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Sep 21, 2024Updated last year
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,375May 28, 2026Updated last week