Tools and techniques for analyzing, reverse-engineering, and understanding malicious software. Task: Malware. Explore 31 curated tools and resources.
A GitHub repository for fuzzing and testing file formats
CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
A repository of YARA rules for identifying and classifying malware through pattern-based detection.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
A simple framework for extracting actionable data from Android malware
UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.
AutoYara is a Java tool that automatically generates YARA rules from malware samples using biclustering algorithms to help analysts create detection rules for malware families.
An OCaml Ctypes wrapper for the YARA matching engine that enables malware identification capabilities in OCaml applications.
Explores malware interaction with Windows API and methods for detection and prevention.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
FLARE-VM is a Windows virtual machine setup tool that automates the installation and configuration of reverse engineering and malware analysis software using Chocolatey and Boxstarter technologies.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
Platform for uploading, searching, and downloading malware samples.
Tool for fingerprinting malware HTTP requests.
A Python wrapper for the Libemu library that enables shellcode analysis and malicious code examination through programmatic interfaces.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
A detailed analysis of malicious packages and how they work
A minimal, consistent API for building integrations with malware sandboxes
A sandbox for quickly sandboxing known or unknown families of Android Malware