Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.
Task: Binary Analysis
Explore 44 curated tools and resources
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
Dynamic binary analysis library with various analysis and emulation capabilities.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
Generates a YARA rule to match basic blocks of the current function in IDA Pro
A malware processing and analytics tool that utilizes Pig, Django, and Elasticsearch to analyze and visualize malware data.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
Generate Yara rules from function basic blocks in x64dbg.
BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.
A minimal library to generate YARA rules from Java with Maven support.
PLASMA is an interactive disassembler with support for various architectures and formats, offering a Python API for scripting.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
Andromeda makes reverse engineering of Android applications faster and easier.
Automate the process of writing YARA rules based on executable code within malware.
A .NET wrapper library for the native YARA library with interoperability and portability features.
A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Yabin creates Yara signatures from malware to find similar samples.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A disassembly framework with support for multiple hardware architectures and a clean API.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
Automatic YARA rule generation for malware repositories.
YARA module for supporting DCSO format bloom filters with hashlookup capabilities.