Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.
Task: Malware
Explore 21 curated tools and resources
A GitHub repository for fuzzing and testing file formats
A collection of Yara rules for identifying malicious PEs with unique or suspicious PDB paths.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
A simple framework for extracting actionable data from Android malware
UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.
Explores malware interaction with Windows API and methods for detection and prevention.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
Platform for uploading, searching, and downloading malware samples.
Tool for fingerprinting malware HTTP requests.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
A detailed analysis of malicious packages and how they work
A minimal, consistent API for building integrations with malware sandboxes
A sandbox for quickly sandboxing known or unknown families of Android Malware
A multithreaded YARA scanner for incident response or malware zoos.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.
Repository of YARA rules for Trellix ATR blogposts and investigations
Studying Android malware behaviors through Information Flow monitoring techniques.