Alternatives and similar repositories for linux-malware

Users that are interested in linux-malware are comparing it to the libraries listed below

• nccgroup / exploit_mitigations
  Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
  ☆922Updated last year
• TheParmak / conti-leaks-englished
  Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.
  ☆617Updated 3 years ago
• hasherezade / malware_training_vol1
  Materials for Windows Malware Analysis training (volume 1)
  ☆2,024Updated last year
• jstrosch / malware-samples
  Malware samples, analysis exercises and other interesting resources.
  ☆1,607Updated 2 years ago
• vxunderground / VXUG-Papers
  Research code & papers from members of vx-underground.
  ☆1,351Updated 4 years ago
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,053Updated 4 years ago
• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,936Updated last year
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,157Updated last year
• 0x4143 / malware-gems
  A not so awesome list of malware gems for aspiring malware analysts
  ☆828Updated 2 years ago
• mufeedvh / moonwalk
  Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
  ☆1,475Updated 3 years ago
• fr0gger / Awesome_Malware_Techniques
  This is a repository of resource about Malware techniques
  ☆822Updated 2 years ago
• ForbiddenProgrammer / conti-pentester-guide-leak
  Leaked pentesting manuals given to Conti ransomware crooks
  ☆1,078Updated 4 years ago
• cert-ee / cuckoo3
  Cuckoo3 is a Python 3 open source automated malware analysis system.
  ☆797Updated last month
• DavidBuchanan314 / monomorph
  MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
  ☆795Updated 3 years ago
• ashemery / exploitation-course
  Offensive Software Exploitation Course
  ☆2,396Updated 2 years ago
• rabbitstack / fibratus
  Adversary tradecraft detection, protection, and hunting
  ☆2,423Updated last week
• alexandreborges / malwoverview
  Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
  ☆3,523Updated 2 weeks ago
• roadwy / RIP
  ☆1,456Updated 2 years ago
• ashemery / LinuxForensics
  Everything related to Linux Forensics
  ☆719Updated 2 years ago
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,307Updated 3 months ago
• e-m-b-a / emba
  EMBA - The firmware security analyzer
  ☆3,338Updated last week
• curated-intel / Ukraine-Cyber-Operations
  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for…
  ☆937Updated 2 years ago
• mandiant / speakeasy
  Windows kernel and user mode emulation.
  ☆1,831Updated last week
• bee-san / Name-That-Hash
  🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes wi…
  ☆1,629Updated last month
• binref / refinery
  High Octane Triage Analysis
  ☆806Updated this week
• redballoonsecurity / ofrak
  OFRAK: unpack, modify, and repack binaries.
  ☆2,020Updated last week
• Jayy001 / Search-That-Hash
  🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
  ☆1,398Updated 11 months ago
• redcode-labs / neurax
  A framework for constructing self-spreading binaries
  ☆1,022Updated 2 years ago
• cristianzsh / freki
  Malware analysis platform
  ☆445Updated 2 years ago
• securisec / chepy
  Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
  ☆1,027Updated last month