{"id":21400586,"url":"https://github.com/cybersecurityup/awesome-malware-and-reverse-engineering","last_synced_at":"2026-01-26T12:37:12.050Z","repository":{"id":46941569,"uuid":"374164732","full_name":"CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering","owner":"CyberSecurityUP","description":null,"archived":false,"fork":false,"pushed_at":"2022-08-12T20:16:13.000Z","size":4087,"stargazers_count":358,"open_issues_count":0,"forks_count":90,"subscribers_count":16,"default_branch":"main","last_synced_at":"2024-05-21T02:23:00.992Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CyberSecurityUP.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-06-05T16:41:54.000Z","updated_at":"2024-05-20T16:32:57.000Z","dependencies_parsed_at":"2022-08-12T13:11:17.350Z","dependency_job_id":null,"html_url":"https://github.com/CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-Malware-and-Reverse-Engineering","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-Malware-and-Reverse-Engineering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-Malware-and-Reverse-Engineering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberSecurityUP%2FAwesome-Malware-and-Reverse-Engineering/manifests","owner_url":"https://repos.ecosyste.m
s/api/v1/hosts/GitHub/owners/CyberSecurityUP","download_url":"https://codeload.github.com/CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243893905,"owners_count":20364916,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T15:23:08.215Z","updated_at":"2026-01-26T12:37:07.022Z","avatar_url":"https://github.com/CyberSecurityUP.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Malware and Reverse Engineering Complete Collection by Joas\n\n## What is?\n\n- https://www.crowdstrike.com/cybersecurity-101/malware/malware-analysis/\n- https://en.wikipedia.org/wiki/Malware_analysis\n- https://sectigostore.com/blog/malware-analysis-what-it-is-how-it-works/\n- https://digitalguardian.com/blog/what-malware-analysis-defining-and-outlining-process-malware-analysis\n\n- https://www.sans.org/reading-room/whitepapers/malicious/paper/2103\n\n- https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/\n\n- https://www.logsign.com/blog/malware-analysis-things-you-should-know/\n\n- https://www.first.org/global/sigs/malware/\n\n- https://www.opswat.com/solutions/malware-analysis\n\n- https://medium.com/techiepedia/malware-analysis-the-art-of-understanding-malware-ffc5e69feb3e\n\n- https://www.jigsawacademy.com/blogs/cyber-security/malware-analysis/\n\n- 
https://astromachineworks.com/what-is-reverse-engineering/#:~:text=Reverse%20engineering%2C%20sometimes%20called%20back,individual%20components%20of%20larger%20products.\n\n- https://www.youtube.com/watch?v=oxo1FBScEAs\n\n- https://www.youtube.com/watch?v=a2EkORFcSZo\n\n- https://www.youtube.com/watch?v=7v7UaMsgg_c\n\n- https://www.wevolver.com/article/what-is-reverse-engineering-\n\n- https://www.computerworld.com/article/2585652/reverse-engineering.html\n\n- https://www.geeksforgeeks.org/software-engineering-reverse-engineering/\n\n## Awesome Malware Analysis\n\n- https://github.com/rshipp/awesome-malware-analysis\n\n- Anonymizers\n\n\t- Web traffic anonymizers for analysts.\n\t- Anonymouse.org - A free, web based anonymizer.\n\t- OpenVPN - VPN software and hosting solutions.\n\t- Privoxy - An open source proxy server with some privacy features.\n\t- Tor - The Onion Router, for browsing the web without leaving traces of the client IP.\n\n- Honeypots\n\n\t- Trap and collect your own samples.\n\t- Conpot - ICS/SCADA honeypot.\n\t- Cowrie - SSH honeypot, based on Kippo.\n\t- DemoHunter - Low interaction Distributed Honeypots.\n\t- Dionaea - Honeypot designed to trap malware.\n\t- Glastopf - Web application honeypot.\n\t- Honeyd - Create a virtual honeynet.\n\t- HoneyDrive - Honeypot bundle Linux distro.\n\t- Honeytrap - Opensource system for running, monitoring and managing honeypots.\n\t- MHN - MHN is a centralized server for management and data collection of honeypots. 
MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface.\n\t- Mnemosyne - A normalizer for honeypot data; supports Dionaea.\n\t- Thug - Low interaction honeyclient, for investigating malicious websites.\n\n- Malware Corpora\n\n\t- Malware samples collected for analysis.\n\t- Clean MX - Realtime database of malware and malicious domains.\n\t- Contagio - A collection of recent malware samples and analyses.\n\t- Exploit Database - Exploit and shellcode samples.\n\t- Infosec - CERT-PA - Malware samples collection and analysis.\n\t- InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.\n\t- Javascript Malware Collection - Collection of almost 40.000 javascript malware samples\n\t- Malpedia - A resource providing rapid identification and actionable context for malware investigations.\n\t- Malshare - Large repository of malware actively scraped from malicious sites.\n\t- Open Malware Project - Sample information and downloads. 
Formerly Offensive Computing.\n\t- Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities\n\t- theZoo - Live malware samples for analysts.\n\t- Tracker h3x - Aggregator for malware corpus tracker and malicious download sites.\n\t- vduddu malware repo - Collection of various malware files and source code.\n\t- VirusBay - Community-Based malware repository and social network.\n\t- ViruSign - Malware database that is detected by many anti malware programs except ClamAV.\n\t- VirusShare - Malware repository, registration required.\n\t- VX Vault - Active collection of malware samples.\n\t- Zeltser's Sources - A list of malware sample sources put together by Lenny Zeltser.\n\t- Zeus Source Code - Source for the Zeus trojan leaked in 2011.\n\t- VX Underground - Massive and growing collection of free malware samples.\n\n- Open Source Threat Intelligence\n\n\t- Harvest and analyze IOCs.\n\t- AbuseHelper - An open-source framework for receiving and redistributing abuse feeds and threat intel.\n\t- AlienVault Open Threat Exchange - Share and collaborate in developing Threat Intelligence.\n\t- Combine - Tool to gather Threat Intelligence indicators from publicly available sources.\n\t- Fileintel - Pull intelligence per file hash.\n\t- Hostintel - Pull intelligence per host.\n\t- IntelMQ - A tool for CERTs for processing incident data using a message queue.\n\t- IOC Editor - A free editor for XML IOC files.\n\t- iocextract - Advanced Indicator of Compromise (IOC) extractor, Python library and command-line tool.\n\t- ioc_writer - Python library for working with OpenIOC objects, from Mandiant.\n\t- MalPipe - Malware/IOC ingestion and processing engine, that enriches collected data.\n\t- Massive Octo Spice - Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs from various lists. 
Curated by the CSIRT Gadgets Foundation.\n\t- MISP - Malware Information Sharing Platform curated by The MISP Project.\n\t- Pulsedive - Free, community-driven threat intelligence platform collecting IOCs from open-source feeds.\n\t- PyIOCe - A Python OpenIOC editor.\n\t- RiskIQ - Research, connect, tag and share IPs and domains. (Was PassiveTotal.)\n\t- threataggregator - Aggregates security threats from a number of sources, including some of those listed below in other resources.\n\t- ThreatConnect - TC Open allows you to see and share open source threat data, with support and validation from our free community.\n\t- ThreatCrowd - A search engine for threats, with graphical visualization.\n\t- ThreatIngestor - Build automated threat intel pipelines sourcing from Twitter, RSS, GitHub, and more.\n\t- ThreatTracker - A Python script to monitor and generate alerts based on IOCs indexed by a set of Google Custom Search Engines.\n\t- TIQ-test - Data visualization and statistical analysis of Threat Intelligence feeds.\n\t- Autoshun (list) - Snort plugin and blocklist.\n\t- Bambenek Consulting Feeds - OSINT feeds based on malicious DGA algorithms.\n\t- Fidelis Barncat - Extensive malware config database (must request access).\n\t- CI Army (list) - Network security blocklists.\n\t- Critical Stack- Free Intel Market - Free intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.\n\t- Cybercrime tracker - Multiple botnet active tracker.\n\t- FireEye IOCs - Indicators of Compromise shared publicly by FireEye.\n\t- FireHOL IP Lists - Analytics for 350+ IP lists with a focus on attacks, malware and abuse. 
Evolution, Changes History, Country Maps, Age of IPs listed, Retention Policy, Overlaps.\n\t- HoneyDB - Community driven honeypot sensor data collection and aggregation.\n\t- hpfeeds - Honeypot feed protocol.\n\t- Infosec - CERT-PA lists (IPs - Domains - URLs) - Blocklist service.\n\t- InQuest REPdb - Continuous aggregation of IOCs from a variety of open reputation sources.\n\t- InQuest IOCdb - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.\n\t- Internet Storm Center (DShield) - Diary and searchable incident database, with a web API. (unofficial Python library).\n\t- malc0de - Searchable incident database.\n\t- Malware Domain List - Search and share malicious URLs.\n\t- MetaDefender Threat Intelligence Feed - List of the most looked up file hashes from MetaDefender Cloud.\n\t- OpenIOC - Framework for sharing threat intelligence.\n\t- Proofpoint Threat Intelligence - Rulesets and more. (Formerly Emerging Threats.)\n\t- Ransomware overview - A list of ransomware overview with details, detection and prevention.\n\t- STIX - Structured Threat Information eXpression - Standardized language to represent and share cyber threat information. 
Related efforts from MITRE:\n\t- CAPEC - Common Attack Pattern Enumeration and Classification\n\t- CybOX - Cyber Observables eXpression\n\t- MAEC - Malware Attribute Enumeration and Characterization\n\t- TAXII - Trusted Automated eXchange of Indicator Information\n\t- SystemLookup - SystemLookup hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs.\n\t- ThreatMiner - Data mining portal for threat intelligence, with search.\n\t- threatRECON - Search for indicators, up to 1000 free per month.\n\t- ThreatShare - C2 panel tracker\n\t- Yara rules - Yara rules repository.\n\t- YETI - Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository.\n\t- ZeuS Tracker - ZeuS blocklists.\n\n- Detection and Classification\n\n\t- AnalyzePE - Wrapper for a variety of tools for reporting on Windows PE files.\n\t- Assemblyline - A scalable distributed file analysis framework.\n\t- BinaryAlert - An open source, serverless AWS pipeline that scans and alerts on uploaded files based on a set of YARA rules.\n\t- capa - Detects capabilities in executable files.\n\t- chkrootkit - Local Linux rootkit detection.\n\t- ClamAV - Open source antivirus engine.\n\t- Detect It Easy(DiE) - A program for determining types of files.\n\t- Exeinfo PE - Packer, compressor detector, unpack info, internal exe tools.\n\t- ExifTool - Read, write and edit file metadata.\n\t- File Scanning Framework - Modular, recursive file scanning solution.\n\t- fn2yara - FN2Yara is a tool to generate Yara signatures for matching functions (code) in an executable program.\n\t- Generic File Parser - A Single Library Parser to extract meta information, static analysis and detect macros within the files.\n\t- hashdeep - Compute digest hashes with a variety of algorithms.\n\t- HashCheck - Windows shell extension to compute hashes with a variety of algorithms.\n\t- Loki - Host based 
scanner for IOCs.\n\t- Malfunction - Catalog and compare malware at a function level.\n\t- Manalyze - Static analyzer for PE executables.\n\t- MASTIFF - Static analysis framework.\n\t- MultiScanner - Modular file scanning/analysis framework\n\t- Nauz File Detector(NFD) - Linker/Compiler/Tool detector for Windows, Linux and MacOS.\n\t- nsrllookup - A tool for looking up hashes in NIST's National Software Reference Library database.\n\t- packerid - A cross-platform Python alternative to PEiD.\n\t- PE-bear - Reversing tool for PE files.\n\t- PEframe - PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.\n\t- PEV - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries.\n\t- PortEx - Java library to analyse PE files with a special focus on malware analysis and PE malformation robustness.\n\t- Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System\n\t- Rootkit Hunter - Detect Linux rootkits.\n\t- ssdeep - Compute fuzzy hashes.\n\t- totalhash.py - Python script for easy searching of the TotalHash.cymru.com database.\n\t- TrID - File identifier.\n\t- YARA - Pattern matching tool for analysts.\n\t- Yara rules generator - Generate yara rules based on a set of malware samples. 
Also contains a good strings DB to avoid false positives.\n\t- Yara Finder - A simple tool to yara match the file against various yara rules to find the indicators of suspicion.\n\n- Online Scanners and Sandboxes\n\n\t- anlyz.io - Online sandbox.\n\t- any.run - Online interactive sandbox.\n\t- AndroTotal - Free online analysis of APKs against multiple mobile antivirus apps.\n\t- AVCaesar - Malware.lu online scanner and malware repository.\n\t- BoomBox - Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant.\n\t- Cryptam - Analyze suspicious office documents.\n\t- Cuckoo Sandbox - Open source, self hosted sandbox and automated analysis system.\n\t- cuckoo-modified - Modified version of Cuckoo Sandbox released under the GPL. Not merged upstream due to legal concerns by the author.\n\t- cuckoo-modified-api - A Python API used to control a cuckoo-modified sandbox.\n\t- DeepViz - Multi-format file analyzer with machine-learning classification.\n\t- detux - A sandbox developed to do traffic analysis of Linux malwares and capturing IOCs.\n\t- DRAKVUF - Dynamic malware analysis system.\n\t- firmware.re - Unpacks, scans and analyzes almost any firmware package.\n\t- HaboMalHunter - An Automated Malware Analysis Tool for Linux ELF Files.\n\t- Hybrid Analysis - Online malware analysis tool, powered by VxSandbox.\n\t- Intezer - Detect, analyze, and categorize malware by identifying code reuse and code similarities.\n\t- IRMA - An asynchronous and customizable analysis platform for suspicious files.\n\t- Joe Sandbox - Deep malware analysis with Joe Sandbox.\n\t- Jotti - Free online multi-AV scanner.\n\t- Limon - Sandbox for Analyzing Linux Malware.\n\t- Malheur - Automatic sandboxed analysis of malware behavior.\n\t- malice.io - Massively scalable malware analysis framework.\n\t- malsub - A Python RESTful API framework for online malware and URL analysis services.\n\t- Malware config - Extract, decode and display online the configuration settings from 
common malwares.\n\t- MalwareAnalyser.io - Online malware anomaly-based static analyser with heuristic detection engine powered by data mining and machine learning.\n\t- Malwr - Free analysis with an online Cuckoo Sandbox instance.\n\t- MetaDefender Cloud - Scan a file, hash, IP, URL or domain address for malware for free.\n\t- NetworkTotal - A service that analyzes pcap files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware using Suricata configured with EmergingThreats Pro.\n\t- Noriben - Uses Sysinternals Procmon to collect information about malware in a sandboxed environment.\n\t- PacketTotal - PacketTotal is an online engine for analyzing .pcap files, and visualizing the network traffic within.\n\t- PDF Examiner - Analyse suspicious PDF files.\n\t- ProcDot - A graphical malware analysis tool kit.\n\t- Recomposer - A helper script for safely uploading binaries to sandbox sites.\n\t- sandboxapi - Python library for building integrations with several open source and commercial malware sandboxes.\n\t- SEE - Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.\n\t- SEKOIA Dropper Analysis - Online dropper analysis (Js, VBScript, Microsoft Office, PDF).\n\t- VirusTotal - Free online analysis of malware samples and URLs\n\t- Visualize_Logs - Open source visualization library and command line tools for logs. 
(Cuckoo, Procmon, more to come...)\n\t- Zeltser's List - Free automated sandboxes and services, compiled by Lenny Zeltser.\n\n- Domain Analysis\n\n\t- AbuseIPDB - AbuseIPDB is a project dedicated to helping combat the spread of hackers, spammers, and abusive activity on the internet.\n\t- badips.com - Community based IP blacklist service.\n\t- boomerang - A tool designed for consistent and safe capture of off network web resources.\n\t- Cymon - Threat intelligence tracker, with IP/domain/hash search.\n\t- Desenmascara.me - One click tool to retrieve as much metadata as possible for a website and to assess its good standing.\n\t- Dig - Free online dig and other network tools.\n\t- dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage.\n\t- IPinfo - Gather information about an IP or domain by searching online resources.\n\t- Machinae - OSINT tool for gathering information about URLs, IPs, or hashes. Similar to Automator.\n\t- mailchecker - Cross-language temporary email detection library.\n\t- MaltegoVT - Maltego transform for the VirusTotal API. Allows domain/IP research, and searching for file hashes and scan reports.\n\t- Multi rbl - Multiple DNS blacklist and forward confirmed reverse DNS lookup over more than 300 RBLs.\n\t- NormShield Services - Free API Services for detecting possible phishing domains, blacklisted ip addresses and breached accounts.\n\t- PhishStats - Phishing Statistics with search for IP, domain and website title\n\t- Spyse - subdomains, whois, related domains, DNS, hosts AS, SSL/TLS info,\n\t- SecurityTrails - Historical and current WHOIS, historical and current DNS records, similar domains, certificate information and other domain and IP related API and tools.\n\t- SpamCop - IP based spam block list.\n\t- SpamHaus - Block list based on domains and IPs.\n\t- Sucuri SiteCheck - Free Website Malware and Security Scanner.\n\t- Talos Intelligence - Search for IP, domain or network owner. 
(Previously SenderBase.)\n\t- TekDefense Automater - OSINT tool for gathering information about URLs, IPs, or hashes.\n\t- URLhaus - A project from abuse.ch with the goal of sharing malicious URLs that are being used for malware distribution.\n\t- URLQuery - Free URL Scanner.\n\t- urlscan.io - Free URL Scanner \u0026 domain information.\n\t- Whois - DomainTools free online whois search.\n\t- Zeltser's List - Free online tools for researching malicious websites, compiled by Lenny Zeltser.\n\t- ZScalar Zulu - Zulu URL Risk Analyzer.\n\n- Browser Malware\n\n\t- Bytecode Viewer - Combines multiple Java bytecode viewers and decompilers into one tool, including APK/DEX support.\n\t- Firebug - Firefox extension for web development.\n\t- Java Decompiler - Decompile and inspect Java apps.\n\t- Java IDX Parser - Parses Java IDX cache files.\n\t- JSDetox - JavaScript malware analysis tool.\n\t- jsunpack-n - A javascript unpacker that emulates browser functionality.\n\t- Krakatau - Java decompiler, assembler, and disassembler.\n\t- Malzilla - Analyze malicious web pages.\n\t- RABCDAsm - A \"Robust ActionScript Bytecode Disassembler.\"\n\t- SWF Investigator - Static and dynamic analysis of SWF applications.\n\t- swftools - Tools for working with Adobe Flash files.\n\t- xxxswf - A Python script for analyzing Flash files.\n\n- Documents and Shellcode\n\n\t- AnalyzePDF - A tool for analyzing PDFs and attempting to determine whether they are malicious.\n\t- box-js - A tool for studying JavaScript malware, featuring JScript/WScript support and ActiveX emulation.\n\t- diStorm - Disassembler for analyzing malicious shellcode.\n\t- InQuest Deep File Inspection - Upload common malware lures for Deep File Inspection and heuristical analysis.\n\t- JS Beautifier - JavaScript unpacking and deobfuscation.\n\t- libemu - Library and tools for x86 shellcode emulation.\n\t- malpdfobj - Deconstruct malicious PDFs into a JSON representation.\n\t- OfficeMalScanner - Scan for malicious traces in MS 
Office documents.\n\t- olevba - A script for parsing OLE and OpenXML documents and extracting useful information.\n\t- Origami PDF - A tool for analyzing malicious PDFs, and more.\n\t- PDF Tools - pdfid, pdf-parser, and more from Didier Stevens.\n\t- PDF X-Ray Lite - A PDF analysis tool, the backend-free version of PDF X-RAY.\n\t- peepdf - Python tool for exploring possibly malicious PDFs.\n\t- QuickSand - QuickSand is a compact C framework to analyze suspected malware documents to identify exploits in streams of different encodings and to locate and extract embedded executables.\n\t- Spidermonkey - Mozilla's JavaScript engine, for debugging malicious JS.\n\n- File Carving\n\n\t- For extracting files from inside disk and memory images.\n\t- bulk_extractor - Fast file carving tool.\n\t- EVTXtract - Carve Windows Event Log files from raw binary data.\n\t- Foremost - File carving tool designed by the US Air Force.\n\t- hachoir3 - Hachoir is a Python library to view and edit a binary stream field by field.\n\t- Scalpel - Another data carving tool.\n\t- SFlock - Nested archive extraction/unpacking (used in Cuckoo Sandbox).\n\n- Deobfuscation\n\n\t- Balbuzard - A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more.\n\t- de4dot - .NET deobfuscator and unpacker.\n\t- ex_pe_xor \u0026 iheartxor - Two tools from Alexander Hanel for working with single-byte XOR encoded files.\n\t- FLOSS - The FireEye Labs Obfuscated String Solver uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries.\n\t- NoMoreXOR - Guess a 256 byte XOR key using frequency analysis.\n\t- PackerAttacker - A generic hidden code extractor for Windows malware.\n\t- PyInstaller Extractor - A Python script to extract the contents of a PyInstaller generated Windows executable file. 
The contents of the pyz file (usually pyc files) present inside the executable are also extracted and automatically fixed so that a Python bytecode decompiler will recognize it.\n\t- uncompyle6 - A cross-version Python bytecode decompiler. Translates Python bytecode back into equivalent Python source code.\n\t- un{i}packer - Automatic and platform-independent unpacker for Windows binaries based on emulation.\n\t- unpacker - Automated malware unpacker for Windows malware based on WinAppDbg.\n\t- unxor - Guess XOR keys using known-plaintext attacks.\n\t- VirtualDeobfuscator - Reverse engineering tool for virtualization wrappers.\n\t- XORBruteForcer - A Python script for brute forcing single-byte XOR keys.\n\t- XORSearch \u0026 XORStrings - A couple programs from Didier Stevens for finding XORed data.\n\t- xortool - Guess XOR key length, as well as the key itself.\n\n- Debugging and Reverse Engineering\n\n\t- angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.\n\t- bamfdetect - Identifies and extracts information from bots and other malware.\n\t- BAP - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab.\n\t- BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.\n\t- binnavi - Binary analysis IDE for reverse engineering based on graph visualization.\n\t- Binary ninja - A reverse engineering platform that is an alternative to IDA.\n\t- Binwalk - Firmware analysis tool.\n\t- BluePill - Framework for executing and debugging evasive malware and protected executables.\n\t- Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.\n\t- codebro - Web based code browser using clang to provide basic code analysis.\n\t- Cutter - GUI for Radare2.\n\t- DECAF (Dynamic Executable Code Analysis Framework) - A binary analysis platform based on QEMU. 
DroidScope is now an extension to DECAF.\n\t- dnSpy - .NET assembly editor, decompiler and debugger.\n\t- dotPeek - Free .NET Decompiler and Assembly Browser.\n\t- Evan's Debugger (EDB) - A modular debugger with a Qt GUI.\n\t- Fibratus - Tool for exploration and tracing of the Windows kernel.\n\t- FPort - Reports open TCP/IP and UDP ports in a live system and maps them to the owning application.\n\t- GDB - The GNU debugger.\n\t- GEF - GDB Enhanced Features, for exploiters and reverse engineers.\n\t- Ghidra - A software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.\n\t- hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.\n\t- Hopper - The macOS and Linux Disassembler.\n\t- IDA Pro - Windows disassembler and debugger, with a free evaluation version.\n\t- IDR - Interactive Delphi Reconstructor is a decompiler of Delphi executable files and dynamic libraries.\n\t- Immunity Debugger - Debugger for malware analysis and more, with a Python API.\n\t- ILSpy - ILSpy is the open-source .NET assembly browser and decompiler.\n\t- Kaitai Struct - DSL for file formats / network protocols / data structures reverse engineering and dissection, with code generation for C++, C#, Java, JavaScript, Perl, PHP, Python, Ruby.\n\t- LIEF - LIEF provides a cross-platform library to parse, modify and abstract ELF, PE and MachO formats.\n\t- ltrace - Dynamic analysis for Linux executables.\n\t- mac-a-mal - An automated framework for mac malware hunting.\n\t- objdump - Part of GNU binutils, for static analysis of Linux binaries.\n\t- OllyDbg - An assembly-level debugger for Windows executables.\n\t- OllyDumpEx - Dump memory from (unpacked) malware Windows process and store raw or rebuild PE file. 
This is a plugin for OllyDbg, Immunity Debugger, IDA Pro, WinDbg, and x64dbg.\n\t- PANDA - Platform for Architecture-Neutral Dynamic Analysis.\n\t- PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.\n\t- pestudio - Perform static analysis of Windows executables.\n\t- Pharos - The Pharos binary analysis framework can be used to perform automated static analysis of binaries.\n\t- plasma - Interactive disassembler for x86/ARM/MIPS.\n\t- PPEE (puppy) - A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail.\n\t- Process Explorer - Advanced task manager for Windows.\n\t- Process Hacker - Tool that monitors system resources.\n\t- Process Monitor - Advanced monitoring tool for Windows programs.\n\t- PSTools - Windows command-line tools that help manage and investigate live systems.\n\t- Pyew - Python tool for malware analysis.\n\t- PyREBox - Python scriptable reverse engineering sandbox by the Talos team at Cisco.\n\t- QKD - QEMU with embedded WinDbg server for stealth debugging.\n\t- Radare2 - Reverse engineering framework, with debugger support.\n\t- RegShot - Registry compare utility that compares snapshots.\n\t- RetDec - Retargetable machine-code decompiler with an online decompilation service and API that you can use in your tools.\n\t- ROPMEMU - A framework to analyze, dissect and decompile complex code-reuse attacks.\n\t- Scylla Imports Reconstructor - Find and fix the IAT of an unpacked / dumped PE32 malware.\n\t- ScyllaHide - An Anti-Anti-Debug library and plugin for OllyDbg, x64dbg, IDA Pro, and TitanEngine.\n\t- SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis.\n\t- strace - Dynamic analysis for Linux executables.\n\t- StringSifter - A machine learning tool that automatically ranks strings based on their relevance for malware analysis.\n\t- Triton - A dynamic binary analysis (DBA) framework.\n\t- Udis86 
- Disassembler library and tool for x86 and x86_64.\n\t- Vivisect - Python tool for malware analysis.\n\t- WinDbg - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.\n\t- X64dbg - An open-source x64/x32 debugger for windows.\n\n- Network\n\n\t- Bro - Protocol analyzer that operates at incredible scale; both file and network protocols.\n\t- BroYara - Use Yara rules from Bro.\n\t- CapTipper - Malicious HTTP traffic explorer.\n\t- chopshop - Protocol analysis and decoding framework.\n\t- CloudShark - Web-based tool for packet analysis and malware traffic detection.\n\t- FakeNet-NG - Next generation dynamic network analysis tool.\n\t- Fiddler - Intercepting web proxy designed for \"web debugging.\"\n\t- Hale - Botnet C\u0026C monitor.\n\t- Haka - An open source security oriented language for describing protocols and applying security policies on (live) captured traffic.\n\t- HTTPReplay - Library for parsing and reading out PCAP files, including TLS streams using TLS Master Secrets (used in Cuckoo Sandbox).\n\t- INetSim - Network service emulation, useful when building a malware lab.\n\t- Laika BOSS - Laika BOSS is a file-centric malware analysis and intrusion detection system.\n\t- Malcolm - Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files) and Zeek logs.\n\t- Malcom - Malware Communications Analyzer.\n\t- Maltrail - A malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails and featuring an reporting and analysis interface.\n\t- mitmproxy - Intercept network traffic on the fly.\n\t- Moloch - IPv4 traffic capturing, indexing and database system.\n\t- NetworkMiner - Network forensic analysis tool, with a free version.\n\t- ngrep - Search through network traffic like grep.\n\t- PcapViz - Network topology and 
traffic visualizer.\n\t- Python ICAP Yara - An ICAP Server with yara scanner for URL or content.\n\t- Squidmagic - squidmagic is a tool designed to analyze a web-based network traffic to detect central command and control (C\u0026C) servers and malicious sites, using Squid proxy server and Spamhaus.\n\t- Tcpdump - Collect network traffic.\n\t- tcpick - Trach and reassemble TCP streams from network traffic.\n\t- tcpxtract - Extract files from network traffic.\n\t- Wireshark - The network traffic analysis tool.\n\n- Memory Forensics\n\n\t- BlackLight - Windows/MacOS forensics client supporting hiberfil, pagefile, raw memory analysis.\n\t- DAMM - Differential Analysis of Malware in Memory, built on Volatility.\n\t- evolve - Web interface for the Volatility Memory Forensics Framework.\n\t- FindAES - Find AES encryption keys in memory.\n\t- inVtero.net - High speed memory analysis framework developed in .NET supports all Windows x64, includes code integrity and write support.\n\t- Muninn - A script to automate portions of analysis using Volatility, and create a readable report.\n\t- Rekall - Memory analysis framework, forked from Volatility in 2013.\n\t- TotalRecall - Script based on Volatility for automating various malware analysis tasks.\n\t- VolDiff - Run Volatility on memory images before and after malware execution, and report changes.\n\t- Volatility - Advanced memory forensics framework.\n\t- VolUtility - Web Interface for Volatility Memory Analysis framework.\n\t- WDBGARK - WinDBG Anti-RootKit Extension.\n\t- WinDbg - Live memory inspection and kernel debugging for Windows systems.\n\n- Storage and Workflow\n\n\t- Aleph - Open Source Malware Analysis Pipeline System.\n\t- CRITs - Collaborative Research Into Threats, a malware and threat repository.\n\t- FAME - A malware analysis framework featuring a pipeline that can be extended with custom modules, which can be chained and interact with each other to perform end-to-end analysis.\n\t- Malwarehouse - Store, 
tag, and search malware.\n\t- Polichombr - A malware analysis platform designed to help analysts to reverse malware collaboratively.\n\t- stoQ - Distributed content analysis framework with extensive plugin support, from input to output, and everything in between.\n\t- Viper - A binary management and analysis framework for analysts and researchers.\n\n- Resources\n\n\t- al-khaser - A PoC malware with good intentions that aims to stress anti-malware systems.\n\t- CryptoKnight - Automated cryptographic algorithm reverse engineering and classification framework.\n\t- DC3-MWCP - The Defense Cyber Crime Center's Malware Configuration Parser framework.\n\t- FLARE VM - A fully customizable, Windows-based, security distribution for malware analysis.\n\t- MalSploitBase - A database containing exploits used by malware.\n\t- Malware Museum - Collection of malware programs that were distributed in the 1980s and 1990s.\n\t- Malware Organiser - A simple tool to organise large malicious/benign files into an organised structure.\n\t- Pafish - Paranoid Fish, a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.\n\t- REMnux - Linux distribution and docker images for malware reverse engineering and analysis.\n\t- Tsurugi Linux - Linux distribution designed to support your DFIR investigations, malware analysis and OSINT (Open Source INTelligence) activities.\n\t- Santoku Linux - Linux distribution for mobile forensics, malware analysis, and security.\n\t- Learning Malware Analysis - Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware\n\t- Malware Analyst's Cookbook and DVD - Tools and Techniques for Fighting Malicious Code.\n\t- Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks\n\t- Mastering Reverse Engineering - Mastering Reverse 
Engineering: Re-engineer your ethical hacking skills\n\t- Practical Malware Analysis - The Hands-On Guide to Dissecting Malicious Software.\n\t- Practical Reverse Engineering - Intermediate Reverse Engineering.\n\t- Real Digital Forensics - Computer Security and Incident Response.\n\t- Rootkits and Bootkits - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats\n\t- The Art of Memory Forensics - Detecting Malware and Threats in Windows, Linux, and Mac Memory.\n\t- The IDA Pro Book - The Unofficial Guide to the World's Most Popular Disassembler.\n\t- The Rootkit Arsenal - The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System\n\t- APT Notes - A collection of papers and notes related to Advanced Persistent Threats.\n\t- Ember - Endgame Malware BEnchmark for Research, a repository that makes it easy to (re)create a machine learning model that can be used to predict a score for a PE file based on static analysis.\n\t- File Formats posters - Nice visualization of commonly used file format (including PE \u0026 ELF).\n\t- Honeynet Project - Honeypot tools, papers, and other resources.\n\t- Kernel Mode - An active community devoted to malware analysis and kernel development.\n\t- Malicious Software - Malware blog and resources by Lenny Zeltser.\n\t- Malware Analysis Search - Custom Google search engine from Corey Harrell.\n\t- Malware Analysis Tutorials - The Malware Analysis Tutorials by Dr. Xiang Fu, a great resource for learning practical malware analysis.\n\t- Malware Analysis, Threat Intelligence and Reverse Engineering - Presentation introducing the concepts of malware analysis, threat intelligence and reverse engineering. Experience or prior knowledge is not required. 
Labs link in description.\n\t- Malware Persistence - Collection of various information focused on malware persistence: detection (techniques), response, pitfalls and the log collection (tools).\n\t- Malware Samples and Traffic - This blog focuses on network traffic related to malware infections.\n\t- Malware Search+++ - Firefox extension that allows you to easily search some of the most popular malware databases.\n\t- Practical Malware Analysis Starter Kit - This package contains most of the software referenced in the Practical Malware Analysis book.\n\t- RPISEC Malware Analysis - These are the course materials used in the Malware Analysis course at Rensselaer Polytechnic Institute during Fall 2015.\n\t- WindowsIR: Malware - Harlan Carvey's page on Malware.\n\t- Windows Registry specification - Windows registry file format specification.\n\t- /r/csirt_tools - Subreddit for CSIRT tools and resources, with a malware analysis flair.\n\t- /r/Malware - The malware subreddit.\n\t- /r/ReverseEngineering - Reverse engineering subreddit, not limited to just malware.\n\t- Android Security\n\t- AppSec\n\t- CTFs\n\t- Forensics\n\t- \"Hacking\"\n\t- Honeypots\n\t- Industrial Control System Security\n\t- Incident-Response\n\t- Infosec\n\t- PCAP Tools\n\t- Pentesting\n\t- Security\n\t- Threat Intelligence\n\t- YARA\n\n- https://github.com/fabacab/awesome-malware\n- https://medium.com/@progression.official/awesome-malware-analysis-24266e0cc348\n\n## Alexandre Borges\n\n- https://www.youtube.com/watch?v=rcA2tPp4nSU\n\n- https://www.youtube.com/watch?v=uyjMgzqILoo\n\n- https://www.youtube.com/watch?v=LIBaE6DEgM4\n\n- https://www.youtube.com/watch?v=UB3pVTO5izU\n\n- https://www.youtube.com/watch?v=aYQ4TIcGD2o\n\n- https://www.youtube.com/watch?v=67vesKcxQOQ\n\n- https://www.youtube.com/watch?v=i_xwrmDVzJU\n\n- https://www.youtube.com/watch?v=bCaMuHAJcHw\n\n- https://www.youtube.com/watch?v=1fk1t7wL1uI\n\n- https://www.youtube.com/watch?v=WUOVRSZ9Kq4\n\n- 
https://www.youtube.com/watch?v=20xYpxe8mBg\n\n- https://twitter.com/ale_sp_brazil\n\n## Fernando Mercês\n\n- https://twitter.com/mer0x36\n\n- https://blog.trendmicro.com.br/author/fernandom/\n\n- https://www.youtube.com/watch?v=I06wFfgn5eE\n\n- https://www.youtube.com/watch?v=cpU9U0sqzh4\n\n- https://www.youtube.com/watch?v=PG510bhFgXY\n\n- https://www.youtube.com/watch?v=bEV9Sc8ONXw\n\n- https://www.youtube.com/watch?v=L_WRNs2IAdY\n\n- https://www.youtube.com/watch?v=fnIzyA047EA\n\n- https://www.youtube.com/watch?v=Sp6Y83rdISo\n\n- https://www.youtube.com/watch?v=T-EqzfafU80\n\n- https://www.youtube.com/watch?v=p7nGGaTW9CQ\n\n## System Architecture\n\n- http://web.mit.edu/6.976/www/notes/Notes1.pdf\n\n- https://www.incose.org/docs/default-source/wasatch-chapter-documents/the-big-happy-family-of-architectures-r0.pdf?sfvrsn=613696c6_2\n\n- https://www.gaudisite.nl/SystemArchitectureProcessPaper.pdf\n\n- https://mitocw.ups.edu.ec/courses/aeronautics-and-astronautics/16-842-fundamentals-of-systems-engineering-fall-2015/lecture-notes/MTI16_842F15_Ses4_Con_Syn.pdf\n\n- https://www.regjeringen.no/contentassets/0de9ab36c5244c3ba9cbafa74c1876a2/securityarchitecture-ecountingofpvotesv1_1.pdf\n\n- https://www.kean.edu/~gchang/tech2920/http___professor.wiley.com_CGI-BIN_JSMPROXY_DOCUMENTDIRECTORDEV+DOCUMENTID\u00260471715425+DOCUMENTSUBID\u00261+PRFVALNAME\u0026pdfs_ch02.pdf\n\n- https://incoseuk.org/Documents/zGuides/Z8_System_Architecture.pdf\n\n- https://hal.archives-ouvertes.fr/hal-01407372/document\n\n- https://en.wikipedia.org/wiki/Systems_architecture#:~:text=A%20system%20architecture%20is%20the,and%20behaviors%20of%20the%20system.\n\n- https://thenewstack.io/primer-understanding-software-and-system-architecture/\n\n- https://www.sebokwiki.org/wiki/System_Architecture\n\n## Memory Management\n\n- https://www.cs.sjtu.edu.cn/~kzhu/cs490/9/9_MemMan.pdf\n\n- http://mit.bme.hu/~micskeiz/opre/files/eng/03-operating-systems-windows-memory-management.pdf\n\n- 
https://madoc.bib.uni-mannheim.de/3148/1/InternalsOfWindowsMemoryMangement2.pdf\n\n- https://www.intellectualheaven.com/Articles/WinMM.pdf\n\n- http://efreidoc.fr/L3/Operating%20System/Cours/PDF/2010-11/2010-11.cours.13.memory-management-in-windows-and-linux.op.pdf\n\n- https://www.dc.fi.udc.es/~so-grado/2020-21/Temas/SO-Memoria.pdf\n\n- https://warwick.ac.uk/fac/sci/physics/research/condensedmatt/imr_cdt/students/david_goodwin/teaching/operating_systems/l12_realos.pdf\n\n- http://www.tfzr.uns.ac.rs/Content/files/0/Lab08.pdf\n\n- https://www2.latech.edu/~box/os/ch08.pdf\n\n- https://dcc.ufrj.br/~valeriab/SO-VirtualMemory.pdf\n\n- http://www.cs.umsl.edu/~sanjiv/classes/cs4760/lectures/memory.pdf\n\n- http://www.ifsc.usp.br/~lattice/oldlattice/mod9.1.pdf\n\n## Assembly\n\n- https://www.ic.unicamp.br/~pannain/mc404/aulas/pdfs/Art%20Of%20Intel%20x86%20Assembly.pdf\n\n- https://www.ic.unicamp.br/~ducatte/mc404/2009/docs/beginner_avr.pdf\n\n- https://www.tutorialspoint.com/assembly_programming/assembly_tutorial.pdf\n\n- http://www.ece.utep.edu/courses/web3376/Notes_files/ee3376-assembly.pdf\n\n- http://www.egr.unlv.edu/~ed/assembly64.pdf\n\n- https://docs.oracle.com/cd/E19457-01/801-7045/801-7045.pdf\n\n- http://www.staroceans.org/kernel-and-driver/The.Art.of.Assembly.Language.2nd.Edition.pdf\n\n- http://index-of.co.uk/Assembly/Assembly_Language_Step_by_Step_en.pdf\n\n- https://www.cs.princeton.edu/courses/archive/spr18/cos217/lectures/13_Assembly1.pdf\n\n- http://arantxa.ii.uam.es/~gdrivera/sed/docs/ARMBook.pdf\n\n- https://en.wikipedia.org/wiki/X86_assembly_language\n\n- https://github.com/Maijin/awesome-asm\n\n- https://www.youtube.com/watch?v=75gBFiFtAb8\n\n- https://www.youtube.com/watch?v=ViNnfoE56V8\n\n- https://hackr.io/tutorials/learn-assembly-language\n\n- https://www.coursera.org/lecture/build-a-computer/unit-6-1-assembly-languages-and-assemblers-l4EGm\n\n- https://www.dca.fee.unicamp.br/~leopini/DISCIPLINAS/EA869/2018-1/c3-ARM-3.pdf\n\n- 
https://www.ic.unicamp.br/~ducatte/mc404/2009/docs/beginner_pt.pdf\n\n- http://www.inf.furb.br/~maw/arquitetura/aula16x4.pdf\n\n- http://www4.inf.puc-rio.br/~inf1018//corrente/aulas/Assembly-Introducao.pdf\n\n- https://www.ic.unicamp.br/~pannain/mc404/aulas/pdfs/Art%20Of%20Intel%20x86%20Assembly.pdf\n\n- https://www.tutorialspoint.com/assembly_programming/assembly_tutorial.pdf\n\n- http://www1.cs.columbia.edu/~sedwards/classes/2002/w4995-02/assembly.9up.pdf\n\n- https://home.adelphi.edu/~siegfried/cs174/174l2.pdf\n\n- https://home.adelphi.edu/~siegfried/cs174/174l3.pdf\n\n- https://www2.southeastern.edu/Academics/Faculty/kyang/2009/Fall/CMPS293\u0026290/ClassNotes/CMPS293\u0026290ClassNotesChap03.pdf\n\n- https://www.cs.dartmouth.edu/~sergey/cs258/tiny-guide-to-x86-assembly.pdf\n\n## C Language\n\n- https://www.unf.edu/~wkloster/2220/ppts/cprogramming_tutorial.pdf\n\n- https://www.microsoft.com/en-us/research/wp-content/uploads/1998/01/pal-manual.pdf\n\n- http://cosmicsoftware.com/pdf/Clanguage.pdf\n\n- https://public.support.unisys.com/framework/publicterms.aspx?returnurl=%2faseries%2fdocs%2fclearpath-mcp-17.0%2fpdf%2f86002268-206.pdf\n\n- https://www-personal.acfr.usyd.edu.au/tbailey/ctext/ctext.pdf\n\n- http://www.cs.columbia.edu/~sedwards/papers/sgi1999c.pdf\n\n- https://www.tutorialspoint.com/cprogramming/cprogramming_tutorial.pdf\n\n- http://cslibrary.stanford.edu/101/EssentialC.pdf\n\n- https://www.engr.uvic.ca/~mech410/ACAD_and_C/c_reference.pdf\n\n- https://www.gnu.org/software/gnu-c-manual/gnu-c-manual.pdf\n\n- https://www.youtube.com/watch?v=KJgsSFOSQv0\n\n- https://www.youtube.com/watch?v=8PopR3x-VMY\n\n- https://www.youtube.com/watch?v=iT_553vTyzI\n\n- https://www.youtube.com/watch?v=EjavYOFoJJ0\n\n- https://www.youtube.com/watch?v=-CpG3oATGIs\n\n- https://www.youtube.com/watch?v=ZSPZob_1TOk\n\n## Sysinternals\n\n- http://index-of.co.uk/Malware/WINDOWS%20SYSINTERNALS%20ADMINISTRATOR'S%20REFERENCE.pdf\n\n- 
https://ptgmedia.pearsoncmg.com/images/9780735684447/samplepages/9780735684447.pdf\n\n- https://neprisstore.blob.core.windows.net/sessiondocs/doc_c67d889c-039a-4977-8266-3e025c1408e3.pdf\n\n- https://docs.microsoft.com/en-us/sysinternals/downloads/\n\n- https://www.ebooks.com/en-us/book/95824138/troubleshooting-with-the-windows-sysinternals-tools/mark-e-russinovich/\n\n- https://repo.zenk-security.com/Linux%20et%20systemes%20d.exploitations/Windows%20Internals%20Part%201_6th%20Edition.pdf\n\n- http://index-of.es/Linux/Other/Windows%20Internals%20Part%202_6th%20Edition.pdf\n\n## Mente Binaria\n\n- https://www.mentebinaria.com.br/treinamentos/programa%C3%A7%C3%A3o-moderna-em-c/\n\n- https://www.mentebinaria.com.br/treinamentos/an%C3%A1lise-de-malware-online-amo-r11/\n\n- https://www.mentebinaria.com.br/treinamentos/curso-de-engenharia-reversa-online-cero-r6/\n\n- https://www.mentebinaria.com.br/treinamentos/curso-de-explora%C3%A7%C3%A3o-de-bin%C3%A1rios-ceb-r8/\n\n- https://www.mentebinaria.com.br/treinamentos/curso-de-ghidra-r9/\n\n- https://github.com/mentebinaria/\n\n- https://github.com/mentebinaria/fundamentos-engenharia-reversa\n\n## Vendor Research\n\n- https://www.youtube.com/c/KasperskyLab/videos\n\n- https://www.youtube.com/user/TrendMicroInc\n\n- https://www.youtube.com/user/SecureNetworks\n\n## My Social Networks\n\n- https://www.linkedin.com/in/joas-antonio-dos-santos\n\n- https://twitter.com/C0d3Cr4zy\n\n- https://medium.com/@joasantonio108\n\n## Filipi Pires\n\n- https://github.com/filipi86\n\n- https://twitter.com/FilipiPires?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor\n\n- https://www.youtube.com/watch?v=HYut-Xaapow\n\n- https://www.youtube.com/watch?v=TGNtFUkmdBg\n\n- https://www.youtube.com/watch?v=IqFOL7etSCc\u0026t\n\n- https://www.youtube.com/watch?v=yAjvfTYEhOw\n\n- https://www.youtube.com/watch?v=nxlqxLWO16k\n\n- https://www.youtube.com/watch?v=ixtzZdDvJZA\u0026t\n\n- https://www.youtube.com/watch?v=9S41xfTGQDo\n\n- 
https://www.youtube.com/watch?v=NVXpBy3RNTE\n\n- https://www.youtube.com/watch?v=bEyzxrLqX6Y\n\n- https://www.youtube.com/watch?v=F2ClgsBZiFk\n\n- https://www.youtube.com/watch?v=cev5YF64H58\n\n## Pavel Yosifovich\n\n\n- https://www.youtube.com/watch?v=h6BXMcRqYhA\n\n- https://www.youtube.com/watch?v=gBkvAO02qUY\n\n- https://twitter.com/zodiacon\n\n- https://github.com/zodiacon\n\n- https://www.pluralsight.com/authors/pavel-yosifovich\n\n- https://www.youtube.com/watch?v=AsSMKL5vaXw\n\n- https://scorpiosoftware.net/recorded-talks/\n\n- https://www.youtube.com/watch?v=dXSUrCyWqfw\n\n- https://www.youtube.com/watch?v=k7nAtrwPhR8\n\n- https://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-177-Windows-Internals-7th-Edition-Part-1\n\n- https://www.amazon.it/Pavel-Yosifovich/e/B00A2OTORO\n\n## Reverse Engineering\n\n- https://project-awesome.org/carpedm20/awesome-hacking\n\n- https://github.com/wtsxDev/reverse-engineering\n\n- https://github.com/mytechnotalent/Reverse-Engineering\n\n- https://github.com/tylerha97/awesome-reversing\n\n## Talks \n\n- https://www.youtube.com/watch?v=NCO9F7U3d6c\n\n- https://www.youtube.com/watch?v=LQDRophNaRU\n\n- https://www.youtube.com/watch?v=285b_DEmvHY\n\n- https://www.youtube.com/watch?v=kx2xp7IQNSc\n\n- https://www.youtube.com/watch?v=irhcfHBkfe0\n\n- https://www.youtube.com/watch?v=D4pc63SeHxI\n\n- https://www.youtube.com/watch?v=lR0nh-TdpVg\n\n- https://www.youtube.com/watch?v=mhOWdH2zwMk\n\n- https://www.youtube.com/watch?v=yf6J8XO_wpY\n\n- https://www.youtube.com/watch?v=3aCLFzCzPFI\n\n- https://www.youtube.com/watch?v=q7VZtCUphgg\n\n- https://www.youtube.com/watch?v=OeG4KBWB-EY\n\n- https://www.youtube.com/watch?v=QhCzYdqHlrs\n\n- https://www.youtube.com/watch?v=lF4vJVzk68Y\n\n- https://www.youtube.com/watch?v=v7XcyCjUTWk\u0026t=8s\n\n- https://www.youtube.com/watch?v=upe2-1UfEaM\n\n- https://www.youtube.com/watch?v=xcicWCxdmSU\n\n- https://www.youtube.com/watch?v=3pH13DxClag\n\n- 
https://www.youtube.com/watch?v=qLCE8spVX9Q\n\n- https://www.youtube.com/watch?v=-cZ7eDV2n5Y\n\n- https://www.youtube.com/watch?v=B-XELDUtaa8\n\n- https://www.youtube.com/watch?v=i3I8wtrjYY4\n\n- https://www.youtube.com/watch?v=9fAnRkJ6N3s\n\n- https://www.youtube.com/watch?v=TDk2RId8LFo\n\n- https://www.youtube.com/watch?v=6Chp12sEnWk\n\n- https://www.youtube.com/watch?v=-MaO-lmteeQ\n\n- https://www.youtube.com/watch?v=FGCle6T0Jpc\n\n- https://www.youtube.com/watch?v=2NawGCUOYT4\n\n- https://www.youtube.com/watch?v=KSA2ZIDS1ec\n\n- https://www.youtube.com/watch?v=3pH13DxClag\n\n- https://www.youtube.com/watch?v=L8lA1pNvcz4\n\n- https://www.youtube.com/watch?v=BMFCdAGxVN4\n\n- https://www.youtube.com/watch?v=bU1F5TdzLDM\n\n- https://www.youtube.com/watch?v=zm7CLH4qrWE\n\n- https://www.youtube.com/watch?v=VBuWOPHQnZI\n\n- https://www.youtube.com/watch?v=j_DRFWg1arw\n\n- https://www.youtube.com/watch?v=y2lhY18f578\n\n- https://www.youtube.com/watch?v=l5sMPGjtKn0\u0026t=10s\n\n- https://www.youtube.com/watch?v=Hw2HclZV2Kw\n\n- https://www.youtube.com/watch?v=EDBtJhQlr_0\n\n- https://www.youtube.com/watch?v=sObGrnesxv4\n\n- https://www.youtube.com/watch?v=wDNQ-8aWLO0\n\n- https://www.youtube.com/watch?v=2kyFLB9aK8Q\n\n- https://www.youtube.com/watch?v=OcuzaOLs7dM\n\n- https://www.youtube.com/watch?v=Y6e_ctKqSqM\n\n- https://www.youtube.com/watch?v=N0Ne623fKWc\n\n- https://www.youtube.com/watch?v=HlUe0TUHOIc\n\n- https://www.youtube.com/watch?v=s0Tqi7fuOSU\n\n- https://www.youtube.com/watch?v=g6dtjtYOw2w\n\n- https://www.youtube.com/watch?v=lyeko1GILU4\n\n- https://www.youtube.com/watch?v=q9KWeXRk8UU\n\n- https://www.youtube.com/watch?v=icJ8HV22cbc\n\n- https://www.youtube.com/watch?v=hOKWTeiyy-Q\n\n- https://www.youtube.com/watch?v=cHo0zl8gtrU\n\n- https://www.youtube.com/watch?v=YM5I8yR7yCw\n\n- https://www.youtube.com/watch?v=hbqVNlwfjxo\n\n- https://www.youtube.com/watch?v=HlUe0TUHOIc\n\n- https://www.youtube.com/watch?v=6FzGGKnzO20\n\n- 
https://www.youtube.com/watch?v=DHsqb2poGII\u0026t=128s\n\n- https://www.youtube.com/watch?v=2NawGCUOYT4\u0026t=4s\n\n- https://www.youtube.com/watch?v=hABj_mrP-no\n\n- https://www.youtube.com/watch?v=HsievGJQG0w\n\n- https://www.youtube.com/watch?v=ZDXTdgfG5HE\n\n- https://www.youtube.com/watch?v=LAkYW5ixvhg\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fawesome-malware-and-reverse-engineering","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcybersecurityup%2Fawesome-malware-and-reverse-engineering","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybersecurityup%2Fawesome-malware-and-reverse-engineering/lists"}