Alternatives and similar repositories for linux-malware

Users that are interested in linux-malware are comparing it to the libraries listed below

• nccgroup / exploit_mitigations
  Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
  ☆918Updated last year
• jstrosch / malware-samples
  Malware samples, analysis exercises and other interesting resources.
  ☆1,589Updated last year
• hasherezade / malware_training_vol1
  Materials for Windows Malware Analysis training (volume 1)
  ☆2,014Updated last year
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,053Updated 4 years ago
• TheParmak / conti-leaks-englished
  Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.
  ☆614Updated 3 years ago
• evilbuffer / malware-and-exploitdev-resources
  ☆548Updated 3 years ago
• vxunderground / VXUG-Papers
  Research code & papers from members of vx-underground.
  ☆1,319Updated 3 years ago
• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,909Updated last year
• cert-ee / cuckoo3
  Cuckoo3 is a Python 3 open source automated malware analysis system.
  ☆776Updated 4 months ago
• ForbiddenProgrammer / conti-pentester-guide-leak
  Leaked pentesting manuals given to Conti ransomware crooks
  ☆1,069Updated 4 years ago
• a13xp0p0v / linux-kernel-defence-map
  Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…
  ☆2,242Updated 10 months ago
• redcode-labs / Coldfire
  Golang malware development library
  ☆974Updated 11 months ago
• mufeedvh / moonwalk
  Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
  ☆1,471Updated 3 years ago
• 0x4143 / malware-gems
  A not so awesome list of malware gems for aspiring malware analysts
  ☆823Updated 2 years ago
• mandiant / speakeasy
  Windows kernel and user mode emulation.
  ☆1,786Updated 7 months ago
• CERT-Polska / drakvuf-sandbox
  DRAKVUF Sandbox - automated hypervisor-level malware analysis system
  ☆1,231Updated this week
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,150Updated last year
• fr0gger / Awesome_Malware_Techniques
  This is a repository of resource about Malware techniques
  ☆816Updated 2 years ago
• DavidBuchanan314 / monomorph
  MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
  ☆798Updated 3 years ago
• roadwy / RIP
  ☆1,463Updated last year
• 0vercl0k / wtf
  wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne…
  ☆1,695Updated 3 weeks ago
• curated-intel / Ukraine-Cyber-Operations
  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for…
  ☆935Updated 2 years ago
• saferwall / saferwall
  Collaborative Malware Analysis Platform at Scale
  ☆766Updated last month
• arget13 / DDexec
  A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
  ☆871Updated 8 months ago
• cristianzsh / freki
  Malware analysis platform
  ☆445Updated last year
• tmpout / awesome-elf
  ☆645Updated 7 months ago
• e-m-b-a / emba
  EMBA - The firmware security analyzer
  ☆3,207Updated this week
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,266Updated 3 weeks ago
• Markakd / DirtyCred
  Kernel exploitation technique
  ☆578Updated 2 years ago
• alexandreborges / malwoverview
  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…
  ☆3,461Updated 2 weeks ago