Browse 259 malware analysis tools
Malware analysis platform using emulation-based sandbox technology.
Managed SOC service hosted in Saudi Arabia with 24/7 monitoring and incident response.
GenAI-powered malware analysis tool for unknown and zero-day threats.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
A comprehensive malware-analysis tool that uses external AV scanners to identify malicious elements in binary files.
Interactive malware-hunting service that gives analysts live access to an analysis while it is running.
A malware/botnet analysis framework with a focus on network analysis and process comparison.
CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the VirusTotal Private API.
ConventionEngine is a YARA rule collection that flags PE files whose embedded PDB paths contain suspicious keywords, terms, or anomalies that may indicate malicious software.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
An IDAPython script that generates YARA rules for basic blocks of the current function in IDA Pro, with automatic masking of relocation bytes and optional validation against file segments.
Binsequencer automatically generates YARA detection rules by analyzing collections of similar malware samples and identifying common x86 instruction sequences across the corpus.
A malware processing and analytics tool that uses Pig, Django, and Elasticsearch to analyze and visualize malware data.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
A Go-based crash analysis tool that processes and reproduces crash files from fuzzing tools like AFL with multiple debugging engines and output formats.
A repository of YARA rules for identifying and classifying malware through pattern-based detection.
Drltrace is a dynamic API calls tracer for Windows and Linux applications.
A semi-automatic tool that generates YARA rules from malware samples.
angr is a Python-based binary analysis framework that provides disassembly, symbolic execution, and program analysis capabilities for cross-platform binary examination.
A YARA ruleset for detecting PHP web shells and other web-server malware.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
Ghidra is an NSA-developed software reverse engineering framework that provides disassembly, decompilation, and analysis tools for examining compiled code across multiple platforms and processor architectures.
Generate YARA rules from function basic blocks in x64dbg.
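The PDB-path heuristic described in the ConventionEngine entry above can be shown in a few dozen lines. The Python below is an added example written for this page, not ConventionEngine's own rules or code: the RSDS (CodeView PDB 7.0) record layout it parses is the documented format, but the keyword list, the anomaly checks and the sample byte blob are illustrative assumptions constructed here.

```python
"""Flag PE debug records whose PDB path looks suspicious.

Added example (not ConventionEngine's own rules). The RSDS record layout is
the documented CodeView PDB 7.0 format; the keyword list and anomaly checks
below are illustrative assumptions chosen for this example.
"""
import re
import struct
import uuid

# CV_INFO_PDB70: b"RSDS" | 16-byte GUID | 4-byte age (LE) | NUL-terminated PDB path.
# The 20 captured bytes are GUID + age; the path is taken up to the first NUL.
RSDS_RE = re.compile(rb"RSDS(.{20})([^\x00]{1,512})\x00", re.DOTALL)

# Hypothetical keyword list for this example, not ConventionEngine's.
SUSPICIOUS_KEYWORDS = (
    "backdoor", "shellcode", "inject", "dropper", "keylog", "hook",
    "bypass", "payload", "trojan", "rootkit", "stealer", "loader",
)


def extract_pdb_records(data: bytes):
    """Yield (guid, age, path) for every RSDS record found in the blob.

    Scanning the whole file rather than walking the PE debug directory keeps
    the example dependency-free; on a real sample use a PE parser and read
    IMAGE_DIRECTORY_ENTRY_DEBUG to avoid false hits on stray "RSDS" strings.
    """
    for m in RSDS_RE.finditer(data):
        header, path = m.group(1), m.group(2)
        guid = str(uuid.UUID(bytes_le=header[:16]))
        age = struct.unpack("<I", header[16:20])[0]
        yield guid, age, path.decode("utf-8", "replace")


def score_pdb_path(path: str) -> list:
    """Return the reasons a PDB path looks suspicious (empty list if none)."""
    reasons = []
    lower = path.lower()
    for kw in SUSPICIOUS_KEYWORDS:
        if kw in lower:
            reasons.append(f"keyword:{kw}")
    # Anomaly heuristics (assumptions for this example):
    # a user-profile path leaks the developer's account name,
    if re.search(r"\\users\\[^\\]+\\", lower):
        reasons.append("user-profile-path")
    # a build on a drive other than C: is unusual for shipped software,
    if re.match(r"^[a-z]:\\", lower) and not lower.startswith("c:\\"):
        reasons.append("non-c-drive")
    # a bare file name with no directory suggests a hand-edited or stripped path,
    if "\\" not in path and "/" not in path:
        reasons.append("bare-filename")
    # and non-printable characters should never appear in a compiler-written path.
    if re.search(r"[^\x20-\x7e]", path):
        reasons.append("non-printable")
    return reasons


def scan(data: bytes) -> dict:
    """Map each flagged PDB path in the blob to its list of reasons."""
    findings = {}
    for _guid, _age, path in extract_pdb_records(data):
        reasons = score_pdb_path(path)
        if reasons:
            findings[path] = reasons
    return findings


def make_rsds(path: str, age: int = 1) -> bytes:
    """Build a synthetic RSDS record (constructed test data, not a real binary)."""
    return (b"RSDS" + uuid.UUID(int=0x1234).bytes_le
            + struct.pack("<I", age) + path.encode() + b"\x00")


# Constructed sample: a fake MZ stub with one benign and one suspicious record.
SAMPLE_BLOB = (
    b"MZ" + b"\x90" * 40
    + make_rsds(r"C:\projects\release\netsvc.pdb")
    + b"\x00" * 16
    + make_rsds(r"D:\Users\dev\Desktop\work\Shellcode_Loader\x64\Release\Shellcode_Loader.pdb", 3)
    + b"\xcc" * 8
)

if __name__ == "__main__":
    for guid, age, path in extract_pdb_records(SAMPLE_BLOB):
        print(f"{guid} age={age} {path}")
    for path, reasons in scan(SAMPLE_BLOB).items():
        print("SUSPICIOUS:", path, reasons)
```

Running the module prints both records and flags only the second: its path carries two of the assumed keywords, sits under a user profile, and was built on a non-C: drive. The same logic maps directly onto YARA's `pe.pdb_path` field for rule authors who prefer to express the checks as rules rather than a script.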