Malware Detection
Browse 330 malware detection tools
FEATURED
Scan files with Yara, match findings to VirusTotal comments.
Scan files with Yara, match findings to VirusTotal comments.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
AI-powered endpoint security with prevention-first approach and EDR capabilities
AI-powered endpoint security with prevention-first approach and EDR capabilities
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
Maltrail is a malicious traffic detection system utilizing blacklists and heuristic mechanisms.
A tool for dynamic analysis of mobile applications in a controlled environment.
A tool for dynamic analysis of mobile applications in a controlled environment.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
A tool that enables Yara rule execution against compressed malware samples, supporting GZip, BZip2, and LZMA formats without manual decompression.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
Collection of Yara rules for file identification and classification
Collection of Yara rules for file identification and classification
A honeypot agent for running honeypots with service and data at threatwar.com.
A honeypot agent for running honeypots with service and data at threatwar.com.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.
A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.
A Vim syntax-highlighting plugin for YARA rules that supports versions up to v4.3 and provides enhanced code readability for malware analysts.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
SHIVA: Spam Honeypot with Intelligent Virtual Analyzer for capturing and analyzing spam data.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
A collection of Yara rules licensed under the DRL 1.1 License.
A collection of Yara rules licensed under the DRL 1.1 License.
A forensic toolkit for analyzing Android and iOS devices to detect potential spyware infections and security compromises using indicators of compromise.
A forensic toolkit for analyzing Android and iOS devices to detect potential spyware infections and security compromises using indicators of compromise.
A strings statistics calculator for YARA rules to aid malware research.
A strings statistics calculator for YARA rules to aid malware research.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
