A curated list of awesome malware analysis tools and resources
☆14Mar 31, 2016Updated 10 years ago
Alternatives and similar repositories for awesome-malware-analysis
Users that are interested in awesome-malware-analysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆27Oct 27, 2019Updated 6 years ago
- USN to JSON☆22Apr 4, 2020Updated 6 years ago
- This project is a lightweight wrapper for interacting with WMI using python/ctypes☆39Apr 6, 2019Updated 7 years ago
- Binaries for the log2timeline projects and dependencies☆40May 14, 2026Updated last month
- Navigating Apple Bookmarks☆23Feb 19, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Python script to batch query the Tor Relays and Bridges☆41Mar 8, 2019Updated 7 years ago
- Extract common Windows artifacts from source images and VSCs☆65May 10, 2021Updated 5 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆57Mar 18, 2022Updated 4 years ago
- Aruba AOS8, InfluxDB and Grafana: How to create your own dashboard☆11Aug 4, 2019Updated 6 years ago
- Python script to parse the Most Recently Used (MRU) plist files on macOS into a more human friendly format.☆111Feb 22, 2018Updated 8 years ago
- ☆66Jan 27, 2023Updated 3 years ago
- MantaRay Automated Computer Forensic Triage Tool☆66Feb 19, 2019Updated 7 years ago
- Universal Radio Hacker: investigate wireless protocols like a boss 📡😎☆17Nov 10, 2019Updated 6 years ago
- Zabbix Template like Smokeping(Measure icmp latency, http latancy)☆17Aug 8, 2014Updated 11 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Graphical map of known Advanced Persistent Threats☆65Jan 31, 2026Updated 5 months ago
- Yet another registry parser☆138Apr 15, 2022Updated 4 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.☆12Jul 26, 2020Updated 5 years ago
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place☆10Aug 26, 2018Updated 7 years ago
- Swift CLI for Apple School & Business Manager APIs — get devices info and assign/unassign Device Management Services in bulk.☆138Jun 20, 2026Updated last week
- Demonstrate the new FileDispositionInfoEx behavior☆15Nov 6, 2017Updated 8 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Windows device tree walker☆15Sep 19, 2018Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆12Dec 14, 2016Updated 9 years ago
- Demonstrate the behavior of the tunnel cache on Windows☆11Aug 13, 2019Updated 6 years ago
- v1版完成对PE头,区段,输入表的解析☆11Apr 16, 2018Updated 8 years ago
- Fetching data from system☆11Jun 18, 2017Updated 9 years ago
- Minimal C port of UTF8-CPP☆12Jun 2, 2019Updated 7 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Simple x64dbg plugin to show registers on every step.☆16Jul 27, 2019Updated 6 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 4 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆10Apr 22, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Library and tools to access the GUID Partition Table (GPT) volume system format☆11Jun 22, 2026Updated last week
- Collecting & Hunting for IOCs with gusto and style☆118Aug 9, 2018Updated 7 years ago
- Windows Live Artifacts Acquisition Script☆192Jun 20, 2022Updated 4 years ago
- CoreFollowUp phishing attack on macOS☆15Mar 15, 2022Updated 4 years ago
- Digital Forensics Virtual File System (dfVFS)☆218May 27, 2026Updated last month
- Mimikatz embedded as classes☆27Oct 25, 2021Updated 4 years ago
- Python 3 Script to parse out iTunes backups☆191Oct 16, 2023Updated 2 years ago