This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
☆693Jul 6, 2024Updated last year
Alternatives and similar repositories for learning-malware-analysis
Users that are interested in learning-malware-analysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.☆760Nov 30, 2025Updated 5 months ago
- Malware samples, analysis exercises and other interesting resources.☆1,630Jan 13, 2024Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆174Jul 20, 2024Updated last year
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,982Updated this week
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆16Apr 10, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, M…☆3,760Apr 16, 2026Updated 2 weeks ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆466Feb 18, 2026Updated 2 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆654Aug 4, 2025Updated 8 months ago
- A list of cyber-chef recipes and curated links☆2,202Jun 14, 2024Updated last year
- Free training course offered at Hack Space Con 2023☆138Apr 13, 2023Updated 3 years ago
- A resource containing all the tools each ransomware gangs uses☆1,355Apr 1, 2026Updated last month
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,948Updated this week
- ☆165Mar 4, 2025Updated last year
- EDR Lab for Experimentation Purposes☆1,442Mar 1, 2026Updated 2 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,593Mar 20, 2026Updated last month
- PoCs and tools for investigation of Windows process execution techniques☆957Feb 2, 2026Updated 2 months ago
- Hardcore Debugging☆937Apr 9, 2026Updated 3 weeks ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆205Jul 3, 2024Updated last year
- Some of my publicly available Malware analysis and Reverse engineering.☆950Jun 3, 2024Updated last year
- PowerShell Digital Forensics & Incident Response Scripts.☆782Jan 14, 2026Updated 3 months ago
- Labs for Practical Malware Analysis & Triage☆1,116Mar 29, 2026Updated last month
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,859Nov 3, 2024Updated last year
- A workshop about Malware Development☆1,778Jun 2, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Malware Configuration And Payload Extraction☆3,165Updated this week
- Windows kernel and user mode emulation.☆1,949Apr 8, 2026Updated 3 weeks ago
- ☆509Oct 7, 2024Updated last year
- Materials for Windows Malware Analysis training (volume 1)☆2,035Jul 1, 2024Updated last year
- ReversingLabs YARA Rules☆911Nov 3, 2025Updated 5 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- A not so awesome list of malware gems for aspiring malware analysts☆830Feb 7, 2023Updated 3 years ago
- This is a repository of resource about Malware techniques☆858Apr 8, 2023Updated 3 years ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,135Updated this week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆706Apr 21, 2026Updated last week
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,175Apr 1, 2026Updated 3 weeks ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,407Nov 7, 2024Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆384Dec 9, 2022Updated 3 years ago
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆485Apr 17, 2025Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Sep 21, 2024Updated last year
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,314Apr 16, 2026Updated 2 weeks ago