Malware Analysis
Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.Explore 259 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Parse YARA rules into a dictionary representation.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.
Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
Yabin creates Yara signatures from malware to find similar samples.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
One stop shop for decompiling Android apps with a focus on regenerating R references.
One stop shop for decompiling Android apps with a focus on regenerating R references.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A disassembly framework with support for multiple hardware architectures and clean API.
A disassembly framework with support for multiple hardware architectures and clean API.
A web-based manager for Yara rules, allowing for storage, editing, and management of Yara rules.
A web-based manager for Yara rules, allowing for storage, editing, and management of Yara rules.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
A program to manage yara ruleset in a database with support for different databases and configuration options.
A program to manage yara ruleset in a database with support for different databases and configuration options.