Malware Analysis
Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.Explore 259 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Boomerang Decompiler is a machine code decompiler supporting various architectures and file formats, with a focus on high-level language output.
Boomerang Decompiler is a machine code decompiler supporting various architectures and file formats, with a focus on high-level language output.
FLARE-VM is a collection of software installation scripts for Windows systems designed for setting up and maintaining a reverse engineering environment on a virtual machine.
FLARE-VM is a collection of software installation scripts for Windows systems designed for setting up and maintaining a reverse engineering environment on a virtual machine.
Automatic YARA rule generation for malware repositories.
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
A Linux process injection tool that injects shellcode into a running process
A Linux process injection tool that injects shellcode into a running process
Tool for decompressing malware samples to run Yara rules against them.
Tool for decompressing malware samples to run Yara rules against them.
Automated Android Malware Analysis tool
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
Malware sandbox for executing malicious files in an isolated environment with advanced features.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
Platform for uploading, searching, and downloading malware samples.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.
A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.