Malware
Explore 49 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
An AI-powered email security platform that provides multi-layered protection against phishing, malware, and other email-based threats through various deployment options.
A GitHub repository for fuzzing and testing file formats
A collection of Yara rules for identifying malicious PEs with unique or suspicious PDB paths.
Collection of cybersecurity conference videos recorded by Cooper (@Ministraitor)
Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
A free DNS recursive service that blocks malicious host names and protects user privacy.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
A collection of Android Applications with malware analysis results
Largest open collection of Android malware samples, with 298 samples and contributions welcome.
A simple framework for extracting actionable data from Android malware
Advanced Endpoint Protection is a complete endpoint protection platform that provides advanced threat protection against ransomware, data breaches, and malware.
UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.
Report on a malicious module posing as a cookie parsing library on npm blog archive.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
Explores malware interaction with Windows API and methods for detection and prevention.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
Identifies 137 malicious npm packages and gathers system information to a remote server.
A collection of public YARA signatures for various malware families.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
Repository of scripts, signatures, and IOCs related to various malware analysis topics.
Automatic YARA rule generator based on Koodous reports with limited false positives.
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
Collection of YARA signatures from recent malware research.
Platform for uploading, searching, and downloading malware samples.
A collection of APT and cybercriminals campaigns with various resources and references.
FTP Honeypot tool with FTP + SSL-FTP features, used for catching credentials and malware files, distributing honeytoken files, and generating SSL certificates.
Repository of APT-related documents and notes sorted by year.
A modular malware collection and processing framework with support for various threat intelligence feeds.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
A sophisticated npm attack attributed to North Korean threat actors, targeting technology firms and their employees.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
A detailed analysis of malicious packages and how they work
In-depth analysis of real-world attacks and threat tactics
npm security team foils plot to steal $13 million in cryptocurrency
A minimal, consistent API for building integrations with malware sandboxes
A sandbox for quickly sandboxing known or unknown families of Android Malware
Malware allows attackers to execute Windows commands from a remote environment
A multithreaded YARA scanner for incident response or malware zoos.
A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.
Repository of YARA rules for Trellix ATR blogposts and investigations
Studying Android malware behaviors through Information Flow monitoring techniques.