Tools and techniques for analyzing, reverse-engineering, and understanding malicious software. Explore 256 curated tools and resources
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
A Scriptable Android Debugger for reverse engineers and developers.
YaraHunter scans container images, running Docker containers, and filesystems to find indicators of malware.
Generates a YARA rule to match basic blocks of the current function in IDA Pro
A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.
A malware processing and analytics tool that utilizes Pig, Django, and Elasticsearch to analyze and visualize malware data.
A collection of YARA rules for detecting malware evasion techniques
A project providing open-source YARA rules for malware and malicious file detection
Java decompiler for modern Java features up to Java 14.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
Collection of slides, materials, demos, crackmes, and writeups from r2con-2017 conference.
A collection of resources for beginners to learn assembly language.
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
A semi-automatic tool to generate YARA rules from virus samples.
A free web-based YARA debugger for security analysts to write hunting or detection rules with ease.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A YARA ruleset for detecting PHP shells and other webserver malware.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
Ropper is a tool for analyzing binary files and searching for gadgets to build ROP chains for different architectures.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Online Java decompiler tool with support for modern Java features.
A tool for signature analysis of RTF files to detect potentially unique parts and malicious documents.