GitHub topics: malware-analysis

Repositories

onlydraxen/Vasion-Security-Suite

# Vasion Security Suite - Elite EditionHola, soy un nuevo desarrollador y este es mi primer proyecto personal. Con la ayuda de IA, estoy creando una suite de seguridad que utiliza aprendizaje automático para detectar y adaptarse a amenazas en sistemas. 🛡️💻

Language: Python - Size: 44.9 KB - Last synced at: about 2 hours ago - Pushed at: about 3 hours ago - Stars: 0 - Forks: 0

jbimard/ethical-python-keylogger

An educational Python keylogger demonstrating keyboard event capture and logging techniques for ethical cybersecurity learning.

Language: Python - Size: 2.31 MB - Last synced at: about 6 hours ago - Pushed at: about 7 hours ago - Stars: 0 - Forks: 0

CybercentreCanada/assemblyline_client

Python client for Assemblyline 3 and 4 / Client python pour AssemblyLine 3 and 4

Language: Python - Size: 417 KB - Last synced at: about 7 hours ago - Pushed at: about 8 hours ago - Stars: 23 - Forks: 12

Kristeel256/Awesome-Blackhat-Tools

Awesome Black Hat Tools is a curated collection of tools showcased at Black Hat events, perfect for cybersecurity professionals. Discover powerful resources for Red Teaming, Blue Teaming, and more, all vetted by experts. 🛠️💻

Size: 1.93 MB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 1 - Forks: 0

Net-Zer0/Malware-ResearchDump-RoCompile-JavaScript-Stealer-Campaign

Dump of the payload from texturecraft.us, A malware campaign that targeted Roblox users using bookmark bar JavaScript injection to steal credentials. Named RoCompile as it operates similar to RoLinked, also the strings in the payload that say compile avatar.

Language: JavaScript - Size: 469 KB - Last synced at: about 8 hours ago - Pushed at: about 9 hours ago - Stars: 1 - Forks: 0

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Language: PHP - Size: 154 MB - Last synced at: about 17 hours ago - Pushed at: about 17 hours ago - Stars: 5,765 - Forks: 1,469

CYBER-MRINAL/MAL-Analyzer

🦠MAL-ANALYZER is a powerful tool for analyzing files for potential malicious content. With support for various file types, VirusTotal integration, and metadata extraction, it ensures your files are safe and secure. 🛡️✨

Language: Python - Size: 41 KB - Last synced at: about 20 hours ago - Pushed at: about 21 hours ago - Stars: 2 - Forks: 0

g3tsyst3m/g3tsyst3m.github.io Fork of mmistakes/minimal-mistakes

:triangular_ruler: G3tSyst3m's Infosec Research and Development Blog

Language: SCSS - Size: 47.7 MB - Last synced at: about 24 hours ago - Pushed at: 1 day ago - Stars: 8 - Forks: 3

user1342/Obfu-DE-Scate

Obfu[DE]scate is a de-obfuscation tool for Android APKs that uses fuzzy comparison logic to identify similarities between functions, even if they have been renamed as part of obfuscation. It compares two versions of an APK and generates a mapping text file and an interactive HTML file as outputs!

Language: Python - Size: 11.3 MB - Last synced at: about 23 hours ago - Pushed at: about 1 year ago - Stars: 171 - Forks: 12

Ephrimgnanam/Worms

This is a collection of Worms for educational purposes

Size: 20.5 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 23 - Forks: 3

usrtem/LokiBot-Malware-Analysis

Static and behavioral malware analysis of LokiBot using FlareVM, REMnux, VirusTotal, and Hybrid Analysis. Includes MITRE ATT&CK mapping and prevention guidance.

Size: 10.7 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1 - Forks: 0

usrtem/Malware-Network-Analysis

PCAP-based analysis of CryptoLocker and Word-Dropper malware samples using Wireshark and REMnux. Focus on DNS, HTTP, and TLS artifacts to identify adversary behavior and exfiltration attempts.

Size: 987 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1 - Forks: 0

cybersecurity-dev/PE-Static-Toolkit

PE Static Toolkit | Portable Executable (PE) Analysing Toolkit

Language: Python - Size: 29.3 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1 - Forks: 0

usrtem/Static-Malware-Analysis

This repository contains two static malware analysis labs: one exploring Emotet using VirusTotal and Hybrid Analysis, and another focused on keylogger dissection using REMnux and PEStudio.

Size: 0 Bytes - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

usrtem/Malware-Classification-Qilin

Comparative overview of malware types with a case study on Qilin ransomware operations, tooling, and tactics. Includes behavioral analysis and threat trends.

Size: 22.1 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

usrtem/Conti-Leak-Analysis

In-depth analysis of the Conti ransomware gang based on their leaked internal Jabber chat logs. Includes organizational structure, operational tactics, key actors, and negotiation strategies.

Size: 221 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

usrtem/course-highlights

Summary of key cybersecurity, programming, and digital forensics courses completed at Utica University as part of the B.S. in Cybersecurity (Cyber Operations). Highlights include AI security, OSINT, malware analysis, and applied risk management using NIST frameworks.

Size: 6.84 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

80h3m14n/80h3m14n-book

A journal I am writing on my cyber security journey

Language: HTML - Size: 71.3 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

usrtem/TrickBot-Analysis

In-depth malware research report analyzing TrickBot's evolution from a banking trojan to a modular threat tool used in ransomware campaigns. Covers threat actor attribution, MITRE ATT&CK mapping, propagation techniques, and defensive strategies.

Size: 168 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

radareorg/radare2

UNIX-like reverse engineering framework and command-line toolset

Language: C - Size: 176 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 21,829 - Forks: 3,082

jm33-m0/windows-sandbox-init

Rapidly initialize Windows Sanbox for malware analysis and reverse engineering

Language: PowerShell - Size: 6.12 MB - Last synced at: 1 day ago - Pushed at: 4 months ago - Stars: 135 - Forks: 15

Tetedu27/AskaLoader

Web-loader for executable files

Language: C# - Size: 1.1 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 1 - Forks: 0

UCYBERS/Awesome-Blackhat-Tools

A curated list of tools officially presented at Black Hat events

Size: 2.02 MB - Last synced at: 2 days ago - Pushed at: 10 days ago - Stars: 210 - Forks: 13

AR0NICA/project-kawanhive

Project KawanHive : A conceptual design scenario and C++ simulation of a next-generation, AI-driven evolutionary worm

Size: 30.3 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

mentebinaria/fundamentos-engenharia-reversa

Livro: Engenharia Reversa - Fundamentos e Prática

Size: 4.6 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 182 - Forks: 33

elastic/die-python

Native Python3 bindings for @horsicq's Detect-It-Easy

Language: Python - Size: 72.3 KB - Last synced at: 2 days ago - Pushed at: about 1 month ago - Stars: 70 - Forks: 4

SilentisVox/p0cket-shell

Smallest Reverse Shell Shellcode by p0cket-shell

Language: Python - Size: 67.4 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

BinFlip/dotscope

A high-performance, cross-platform framework for analyzing and reverse engineering .NET PE executables. Built in pure Rust, `dotscope` provides comprehensive tooling for parsing CIL (Common Intermediate Language) bytecode, metadata structures, and disassembling .NET assemblies without requiring Windows or the .NET runtime.

Language: Rust - Size: 1.86 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

CybercentreCanada/assemblyline-base

Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)

Language: Python - Size: 8.38 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 70 - Forks: 36

HydraDragonAntivirus/HydraDragonAntivirus

Dynamic and Static Analysis with Sandboxie for Windows with ClamAV, YARA-X, my machine learning AI, Behaviour analysis, NLP-Based detection, website signatures, Ghidra and Snort etc.

Language: YARA - Size: 2.89 GB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 76 - Forks: 3

rshipp/awesome-malware-analysis

Defund the Police.

Size: 644 KB - Last synced at: 2 days ago - Pushed at: about 1 year ago - Stars: 12,668 - Forks: 2,609

InQuest/sandboxapi

Minimal, consistent Python API for building integrations with malware sandboxes.

Language: Python - Size: 726 KB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 139 - Forks: 40

InfoSecUniversity/block-list

Block list of different category's. Please use at your own risk. No warranty

Size: 1.06 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 1 - Forks: 0

aquasecurity/traceeshark

Deep Linux runtime visibility meets Wireshark

Language: C - Size: 1.75 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 291 - Forks: 16

KasperskyLab/hrtng

IDA Pro plugin with a rich set of features: decryption, deobfuscation, patching, lib code recognition and various pseudocode transformations

Language: C++ - Size: 105 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,242 - Forks: 122

5kidRo0t/VenomStrike

VenomStrike: A lightweight, blazing-fast malware scanner that identifies known threats via SHA-256, MD5 hashes and YARA rules. Confirms if a file is a known malware sample. No bloat — just raw speed, simplicity, and full portability.

Language: YARA - Size: 89.8 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1 - Forks: 0

mandiant/xrefer

FLARE Team's Binary Navigator

Language: Python - Size: 125 MB - Last synced at: about 11 hours ago - Pushed at: 10 days ago - Stars: 264 - Forks: 25

fr0gger/jupyter-collection

Collection of Jupyter Notebooks by @fr0gger_

Language: HTML - Size: 5.75 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 170 - Forks: 40

pwndbg/pwndbg

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Language: Python - Size: 64.2 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 8,796 - Forks: 1,022

packing-box/awesome-executable-packing

A curated list of awesome resources related to executable packing

Size: 365 KB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 1,353 - Forks: 115

user1342/Awesome-Android-Reverse-Engineering

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Size: 117 KB - Last synced at: about 23 hours ago - Pushed at: 3 months ago - Stars: 1,122 - Forks: 106

x64dbg/x64dbg

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Language: C++ - Size: 58.7 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 46,264 - Forks: 2,544

Net-Zer0/Malware-ResearchDump-Texturecraft-JavaScript-Stealer-Campaign

Dump of bookmark injection-based credential stealers from https://texturecraft.us https://texturecraft.org https://rbxtexture.com https://rotemplate.com/ https://www.bloxavatar.com/ https://rbxformat.com/ https://rbxcreator.com/ https://rbxart.com/ https://www.rbxvisual.com/ https://rbxbuild.com/

Language: JavaScript - Size: 506 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1 - Forks: 0

gdt050579/GView

GView is a cross-platform framework for reverse-engineering. Users can leverage the diverse range of available visualization options to effectively analyze and interpret the information.

Language: C++ - Size: 18.1 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 47 - Forks: 41

anyrun/anyrun-sdk

Simplify integration with ANY.RUN REST API services

Language: Python - Size: 105 KB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 6 - Forks: 1

keowu/koidbg 📦

A debugger for Windows ARM64 (AARCH64), user-friendly for reverse engineers, malware analysts, malware developers, game hacking, operating system studies, and more.

Language: C++ - Size: 17.4 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 59 - Forks: 10

user1342/DroidDetective

A machine learning malware analysis framework for Android apps.

Language: Python - Size: 344 KB - Last synced at: about 23 hours ago - Pushed at: about 1 year ago - Stars: 128 - Forks: 21

chainguard-dev/malcontent

#supply #chain #attack #detection

Language: YARA - Size: 1.4 GB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 526 - Forks: 50

cybersecurity-dev/awesome-malware-traffic-analysis-scientific-research

Awesome Malware Traffic Analysis Scientific Research

Size: 0 Bytes - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

0xx0d4y/RE_AutomationPythonScripts

In this repository, I will store my scripts that I create to automate some processes during some Reverse Engineering tasks. Some scripts are just code exercises, the main topic of which is reverse engineering.

Language: Python - Size: 5.82 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 7 - Forks: 4

cocomelonc/meow

Cybersecurity research results. Simple C/C++ and Python implementations

Language: C - Size: 9.73 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 230 - Forks: 51

Ephrimgnanam/Cute-RATs

This is a collection of RATs for educational purposes

Size: 123 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 41 - Forks: 6

mandiant/flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Language: Python - Size: 23.6 MB - Last synced at: 3 days ago - Pushed at: 10 days ago - Stars: 3,559 - Forks: 483

mentebinaria/readpe

The PE file analysis toolkit

Language: C - Size: 2.37 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 729 - Forks: 137

udenar2023/linux-bpfdoor-malware-scanner

Linux BPFDoor Malware Scanner

Language: Python - Size: 34.2 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

mthcht/ThreatIntel-Reports

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Language: Python - Size: 2.17 GB - Last synced at: 2 days ago - Pushed at: 4 days ago - Stars: 119 - Forks: 11

oracle/macaron

Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks, detect malicious Python packages, or check conformance to frameworks, such as SLSA. Documentation:

Language: Python - Size: 6.27 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 158 - Forks: 28

Washi1337/AsmResolver

A library for creating, reading and editing PE files and .NET modules.

Language: C# - Size: 9.62 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 964 - Forks: 134

horsicq/XAPKDetector

APK/DEX detector for Windows, Linux and MacOS.

Language: C++ - Size: 8.89 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 648 - Forks: 91

horsicq/Nauz-File-Detector

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Language: C++ - Size: 10.6 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 555 - Forks: 81

Executioner0x00/Oxidizer.exe-Malware

A GDI Malware. I'm not responsible for any damages. Made for Educational Purposes only. Not for people with epilepsy! Works on Windows XP-11. If you want to use the source code in your malware then you must make it open source as well!

Language: C - Size: 12.9 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1 - Forks: 0

penxpkj/Defensive-Security-Hub

# Defensive Security Hub A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and enhance your skills. 🌐🔒

Size: 25.4 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1 - Forks: 0

iamkorun/misp-ioc-harvester

Language: Python - Size: 10.7 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 0 - Forks: 0

Ephrimgnanam/Cute-Stealers

This is a collection of stealers for educational purposes

Size: 121 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 6 - Forks: 2

slrbl/malware-detection-with-deep-learning-autoencoder

Language: Python - Size: 230 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 12 - Forks: 9

mandiant/flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Language: Python - Size: 14.9 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 7,370 - Forks: 999

PardhuSreeRushiVarma20060119/LifeAroundCybersecurity-Repo

Evolving Repo For My Life In Cybersecurity

Language: Python - Size: 322 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 2 - Forks: 0

malwaredb/malwaredb-rs

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

Language: Rust - Size: 3.19 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 47 - Forks: 5

mandiant/capa

The FLARE team's open-source tool to identify capabilities in executable files.

Language: Python - Size: 34.9 MB - Last synced at: 3 days ago - Pushed at: 8 days ago - Stars: 5,380 - Forks: 612

lowlevel01/marchive

An archive of all the tools I've built to automate string/code deobfuscation and analyze malware samples.

Language: Python - Size: 43 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 0 - Forks: 1

uttambodara/TryHackMeRoadmap

A list of 350+ free TryHackMe rooms💻 to kick off your cybersecurity learning, organized by topics for easy exploration and practical skill-building !💀💥

Size: 19.5 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 27 - Forks: 8

BarakAharoni/Publications

This repository contains my publications.

Size: 15.1 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 4 - Forks: 0

Karneades/awesome-malware-persistence

A curated list of awesome malware persistence tools and resources.

Size: 55.7 KB - Last synced at: 2 days ago - Pushed at: 7 months ago - Stars: 225 - Forks: 17

lief-project/LIEF

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

Language: C++ - Size: 90.7 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 4,902 - Forks: 663

lowlevel01/config-extractors

A collection of malware config extractors I built

Language: Python - Size: 521 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0

Still34/malware-lab

Public repository containing materials for various malware-related streams.

Language: YARA - Size: 343 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 36 - Forks: 2

chainguard-dev/malcontent-samples

Samples used for developing and testing malcontent rules.

Language: JavaScript - Size: 1.08 GB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 3 - Forks: 5

tildeeine/AIGIS

This is a research prototype for visualizing dynamic malware behavior, developed as part of a master's thesis. The platform is aimed at exploring how different visualizations can support investigation of Windows executables. It includes a custom frontend for process trees, timelines, event graphs, based on sandboxed malware execution data.

Language: Svelte - Size: 3.38 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

binref/refinery

High Octane Triage Analysis

Language: Python - Size: 18 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 732 - Forks: 68

intelowlproject/IntelOwl

IntelOwl: manage your Threat Intelligence at scale

Language: Python - Size: 145 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 4,154 - Forks: 491

CybercentreCanada/assemblyline-service-cape

Assemblyline 4 Malware detonation service (CAPEv2)

Language: Python - Size: 1.93 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 11 - Forks: 3

cybersecurity-dev/awesome-malware-traffic-analysis

Awesome Malware Traffic Analysis

Size: 14.6 KB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 0 - Forks: 0

michelcrypt4d4mus/pdfalyzer

Analyze PDFs. With colors. And Yara.

Language: Python - Size: 93.5 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 273 - Forks: 19

Spacial/awesome-csirt

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Language: C - Size: 2.5 MB - Last synced at: 6 days ago - Pushed at: 9 months ago - Stars: 536 - Forks: 95

marcugeorgian19/decompilation-report

Este repositorio presenta un informe sobre decompilación, elaborado para la materia _Lenguajes y Compiladores_ en FAMAF. Aquí encontrarás detalles sobre el decompilador `dcc`, mejoras en decompiladores dinámicos y herramientas actuales. 🛠️📄

Language: TeX - Size: 726 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 0 - Forks: 0

CybercentreCanada/assemblyline4_docs

AssemblyLine4 documentation

Language: HTML - Size: 27.7 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 29 - Forks: 16

mhdrfqi/Owly

Owly is a powerful password generation tool designed to create secure and diverse password lists for various purposes, including security audits, penetration testing, and password recovery. It combines Leetspeak transformations, common password patterns, and user input variations to generate up to 50,000 unique password combinations.

Language: C++ - Size: 45.9 KB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 0 - Forks: 0