Top 201 malware-analysis open source projects

No description or website provided.

An open source script to perform malware static analysis on Portable Executable

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.

DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior

Simple No-meaning Assembly Omitter for IDA Pro (This is just a prototype)

.NET runtime inspector

UNIX-like reverse engineering framework and command-line toolset

Don't Just Search OSINT. Sweep It.

Personal compilation of APT malware from whitepaper releases, documents and own research

APK/DEX detector for Windows, Linux and MacOS.

Authors

Cmulator is ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript

Ghidra Analysis Enhancer 🐉

A command line tool to find malwares on http://openmalware.org

Android app analysis and feature extraction library

Program for determining types of files for Windows, Linux and MacOS.

Endpoint detection & Malware analysis software

Advanced and easy to use penetration testing framework 💣🔎

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

A bunch of Windows anti-debugging tricks for x86 and x64.

Sandbox for automated Linux malware analysis.

A collection of c++ programs that demonstrate common ways to detect the presence of an attached debugger.

Free Malware Training Datasets for Machine Learning

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

This project aims at simplifying Windows API import recovery on arbitrary memory dumps

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

Detect silent (unwanted) changes to files on your system

Set of functions to increase productivity while hacking with Bash

Distributed malware processing framework based on Python, Redis and MinIO.

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Toolkit for enriching and speeding up static malware analysis

A Python library and command line tools to provide interactive log visualization.

A repository of my completed writeups, along with the samples themselves.

Malware repository component for samples & static configuration with REST API interface.

Setup scripts for my Malware Analysis VMs

Tools for the Computer Incident Response Team 💻

A binary analysis framework

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

The FLARE team's open-source tool to identify capabilities in executable files.

A toolkit for Security Researchers

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

A curated list of awesome YARA rules, tools, and people.

A lightweight tool to score network traffic and flag anomalies

Mach-O & Universal Binary Parser

A collection of scripts to initialize a windows VM to run all the malwares!

A modular Python application to pull intelligence about malicious files

Livro: Fundamentos de Engenharia Reversa

Fast Static File Analysis Framework

VirusTotal Wanna Be - Now with 100% more Hipster

Malware Data Science Reading Diary / Notes

[Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Bringing you the best of the worst files on the Internet.

Saydog Framework

Collection of scripts for different malware analysis tasks