Malware Analysis
Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.Explore 256 curated tools and resources
RELATED TASKS
PINNED
Promoted • 6 toolsWant your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A Burp intruder extender for automating and validating XSS vulnerabilities
A Burp intruder extender for automating and validating XSS vulnerabilities
A tool that recovers passwords from pixelized screenshots
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
Fuzzilli is a JavaScript engine fuzzer that helps identify vulnerabilities in JavaScript engines.
A tool for identifying sensitive secrets in public GitHub repositories
A deserialization payload generator for .NET formatters
Command line tool for testing CRLF injection on a list of domains.
Command line tool for testing CRLF injection on a list of domains.
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
Interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A simple Python script to test for a hypothetical JWT vulnerability
A simple Python script to test for a hypothetical JWT vulnerability
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A command line utility for searching and downloading exploits
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
Interactive malware hunting service with live access to the heart of an incident.
Interactive malware hunting service with live access to the heart of an incident.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
A collection of Yara rules for identifying malicious PEs with unique or suspicious PDB paths.
A collection of Yara rules for identifying malicious PEs with unique or suspicious PDB paths.
Dynamic binary analysis library with various analysis and emulation capabilities.
Dynamic binary analysis library with various analysis and emulation capabilities.
Copy executables with execute, but no read permission on Unix systems.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A tool that generates pseudo-malicious files to trigger YARA rules.
A tool that generates pseudo-malicious files to trigger YARA rules.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.