Tools and techniques for analyzing, reverse-engineering, and understanding malicious software. Explore 256 curated tools and resources
Binary analysis and management framework for organizing malware and exploit samples.
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.
Repository of YARA rules for Trellix ATR blogposts and investigations
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.
A tool for processing compiled YARA rules in IDA.
Python wrapper for Android APK decompilation with various converter and decompiler options.
A script to detect and remove Canary Tokens with simple signature-based detections.
A collection of publicly available YARA rules for detecting and classifying malware.
Use FindYara, an IDA python plugin, to scan your binary with yara rules and quickly jump to matches.
A tool designed to handle archive file data and augment Yara's capabilities.
Studying Android malware behaviors through Information Flow monitoring techniques.
PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.
A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.
Detect capabilities in executable files and identify potential behaviors.
A Unix-based tool that scans for rootkits and other malware on a system, providing a detailed report of the scan results.