Malware Analysis
Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.Explore 259 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A project providing open-source YARA rules for malware and malicious file detection
A project providing open-source YARA rules for malware and malicious file detection
Java decompiler for modern Java features up to Java 14.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
Collection of slides, materials, demos, crackmes, and writeups from r2con-2017 conference.
Collection of slides, materials, demos, crackmes, and writeups from r2con-2017 conference.
A collection of resources for beginners to learn assembly language.
A collection of resources for beginners to learn assembly language.
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
A collection of Android Fakebank and Tizi samples for analyzing spyware on Android devices.
A semi-automatic tool to generate YARA rules from virus samples.
A semi-automatic tool to generate YARA rules from virus samples.
A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.
A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
A Yara ruleset for detecting PHP shells and other webserver malware.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.
Ropper is a tool for analyzing binary files and searching for gadgets to build rop chains for different architectures.
Ropper is a tool for analyzing binary files and searching for gadgets to build rop chains for different architectures.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.