Scripts, Yara rules and other files developed during malware investigations
☆27 · Aug 19, 2022 · Updated 3 years ago
Alternatives and similar repositories for malware_analysis
Users that are interested in malware_analysis are comparing it to the libraries listed below.
- Tracking APT IOCs ☆25 · Nov 16, 2020 · Updated 5 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. ☆122 · Mar 4, 2026 · Updated 3 months ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆46 · Feb 24, 2023 · Updated 3 years ago
- IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning. ☆75 · Apr 30, 2026 · Updated 2 months ago
- ☆13 · Oct 29, 2022 · Updated 3 years ago
- Go Lang Portable Executable Parser ☆39 · Mar 31, 2021 · Updated 5 years ago
- The Multiplatform Linux Sandbox ☆16 · Dec 19, 2023 · Updated 2 years ago
- Module for decompressing aPLib compressed data ☆18 · Aug 25, 2022 · Updated 3 years ago
- Notes and IoCs of fresh malware ☆63 · Jul 5, 2024 · Updated last year
- All in one - Malware + Analysis by Cylance ☆11 · Nov 23, 2018 · Updated 7 years ago
- Universal Malware Sample Encryption ☆13 · Jan 5, 2024 · Updated 2 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE) ☆13 · May 2, 2019 · Updated 7 years ago
- ☆23 · Mar 17, 2024 · Updated 2 years ago
- function identification signatures ☆12 · Apr 26, 2021 · Updated 5 years ago
- Easily scan with multiple yara rules from different sources. ☆14 · Mar 9, 2024 · Updated 2 years ago
- IDA Pro plugin to aid in reverse engineering Rust binaries. ☆19 · Dec 9, 2024 · Updated last year
- ☆41 · Apr 5, 2025 · Updated last year
- IOC from articles, tweets for archives ☆318 · Dec 12, 2023 · Updated 2 years ago
- Reverse engineered source code of the autochk rootkit ☆212 · Nov 1, 2019 · Updated 6 years ago
- Source Code of MSIL Ransom ☆14 · Feb 11, 2023 · Updated 3 years ago
- Use this library to automatically extract PE files compressed with aplib from a binary blob. ☆34 · May 21, 2019 · Updated 7 years ago
- Threat Box Assessment Tool ☆19 · Mar 5, 2026 · Updated 3 months ago
- Steezy - Ghetto Yara Generation ☆15 · Mar 27, 2023 · Updated 3 years ago
- Code snippets for Qiling Tutorials ☆21 · Aug 22, 2020 · Updated 5 years ago
- Malware Samples that could be used for teaching students about malware analysis. ☆64 · Apr 8, 2024 · Updated 2 years ago
- Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs… ☆39 · Apr 27, 2025 · Updated last year
- Download a Bunch of Malware for Demos and Testing ☆13 · Sep 28, 2018 · Updated 7 years ago
- Code snips and notes ☆144 · Mar 10, 2022 · Updated 4 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 7 years ago
- This is a repository to experiment with MCP for security ☆47 · Jan 22, 2025 · Updated last year
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- This training covers a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si… ☆12 · May 25, 2016 · Updated 10 years ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware ☆48 · Jun 5, 2022 · Updated 4 years ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 · Mar 26, 2023 · Updated 3 years ago
- ☆35 · Dec 21, 2023 · Updated 2 years ago
- Scripts targeting specific families ☆13 · Jul 3, 2017 · Updated 8 years ago
- ☆77 · Nov 30, 2023 · Updated 2 years ago
- Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...) ☆21 · Updated this week
- ☆218 · Jun 5, 2025 · Updated last year