Malware Analysis
Tools and techniques for analyzing, reverse-engineering, and understanding malicious software.Explore 259 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images with security and Python 2.7 deprecation notices.
Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images with security and Python 2.7 deprecation notices.
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
Discontinued project for file-less persistence, attacks, and anti-forensic capabilities on Windows 7 32-bit systems.
Discontinued project for file-less persistence, attacks, and anti-forensic capabilities on Windows 7 32-bit systems.
BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.
BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.
Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.
Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.
Yara mode for GNU Emacs to edit Yara related files
A simple framework for extracting actionable data from Android malware
A simple framework for extracting actionable data from Android malware
YARA syntax highlighting for Gtk-based text editors
A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.
Collection of malware persistence information and techniques
Collection of malware persistence information and techniques
A suite of secret scanners built in Rust for performance.
A collection of YARA rules for public use, built from intelligence profiles and file work.
A collection of YARA rules for public use, built from intelligence profiles and file work.
A minimal library to generate YARA rules from JAVA with maven support.
A minimal library to generate YARA rules from JAVA with maven support.
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment