Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-malware-analysis
https://github.com/ducdohb/awesome-malware-analysis
Last synced: 5 days ago
Open Source Threat Intelligence
Tools
- IntelMQ
- AlienVault Open Threat Exchange - Share and
- ThreatCrowd - A search engine for threats,
Other Resources
- Autoshun
- STIX - Structured Threat Information eXpression
- MAEC - Malware Attribute Enumeration and Characterization
- TAXII - Trusted Automated eXchange of Indicator Information
- CI Army (badguys.txt)
- CRDF ThreatCenter - List of new threats detected
- FireHOL IP Lists - Analytics for 350+ IP lists
- Internet Storm Center (DShield) - Diary and
- malc0de - Searchable incident database.
- Palevo Blocklists - Botnet
- MITRE
- threatRECON - Search for indicators, up to 1000
- ZeuS Tracker - ZeuS
Documents and Shellcode
Other Resources
- peepdf - Python
- JS Beautifier - JavaScript unpacking and deobfuscation.
- diStorm - Disassembler for analyzing
- JS Deobfuscator
- libemu - Library and tools for x86 shellcode
- OfficeMalScanner - Scan for
- olevba - A script for parsing OLE
- Origami PDF - A tool for
- PDF Tools - pdfid,
- QuickSand - QuickSand is a compact C framework
- Spidermonkey
Domain Analysis
Other Resources
- TekDefense Automator - OSINT tool
- SenderBase - Search for IP, domain or network
- SpamCop - IP based spam block list.
- SpamHaus - Block list based on
- Sucuri SiteCheck - Free Website Malware
- URLQuery - Free URL Scanner.
- Whois - DomainTools free online whois
- Zeltser's List - Free
- Dig - Free online dig and other
Malware Collection
Honeypots
Malware Corpora
- Clean MX - Realtime
- Exploit Database - Exploit and shellcode
- MalwareDB - Malware samples repository.
- Open Malware Project - Sample information and
- ViruSign - Malware database that detected by
- VirusShare - Malware repository, registration
- Zeltser's Sources - A list
Anonymizers
- Anonymouse.org - A free, web based anonymizer.
- OpenVPN - VPN software and hosting solutions.
- Privoxy - An open source proxy server with some
- Tor - The Onion Router, for browsing the web
Detection and Classification
Other Resources
- ClamAV - Open source antivirus engine.
- packerid - A cross-platform
- totalhash.py - Python script
Online Scanners and Sandboxes
Other Resources
- AndroTotal - Free online analysis of APKs
- AVCaesar - Malware.lu online scanner and
- Cuckoo Sandbox - Open source, self hosted
- DeepViz - Multi-format file analyzer with
- Hybrid Analysis - Online malware
- IRMA - An asynchronous and customizable
- Jotti - Free online multi-AV scanner.
- Malwr - Free analysis with an online Cuckoo Sandbox
- MASTIFF Online - Online static
- NetworkTotal - A service that analyzes
- Zeltser's List - Free
Browser Malware
File Carving
Other Resources
- Hachoir - A collection of Python
Deobfuscation
Other Resources
- Balbuzard - A malware
- ex_pe_xor
- iheartxor
- XORSearch & XORStrings
Debugging and Reverse Engineering
Other Resources
- bamfdetect - Identifies and extracts
- Bokken - GUI for Pyew and Radare.
- IDA Pro - Windows
- Immunity Debugger - Debugger for
- ltrace - Dynamic analysis for Linux executables.
- objdump - Part of GNU binutils,
- OllyDbg - An assembly-level debugger for Windows
- PPEE (puppy) - A Professional PE file Explorer for
- strace - Dynamic analysis for
- X64dbg - An open-source x64/x32 debugger for windows.
- Process Monitor
Network
Memory Forensics
Windows Artifacts
Other Resources
- python-registry - Python
- RegRipper
- GitHub
Storage and Workflow
Miscellaneous
Other Resources
- Binarly - Search engine for bytes in a large
- REMnux - Linux distribution and docker images for
- Santoku Linux - Linux distribution for mobile
Twitter
Other
Other Resources
- Malicious Software - Malware
- Practical Malware Analysis Starter Kit
- WindowsIR: Malware - Harlan
- Windows Registry specification - Windows registry file format specification.
- /r/csirt_tools - Subreddit for CSIRT
- malware analysis
- /r/Malware - The malware subreddit.
- /r/ReverseEngineering
- Android Security
- AppSec
- CTFs
- "Hacking"
- Honeypots
- Incident-Response
- PCAP Tools
- Security
Books
Other Resources
Programming Languages
Categories
- Malware Collection: 18
- Open Source Threat Intelligence: 17
- Other: 16
- Twitter: 16
- Documents and Shellcode: 11
- Debugging and Reverse Engineering: 11
- Online Scanners and Sandboxes: 11
- Domain Analysis: 10
- Deobfuscation: 4
- Miscellaneous: 3
- Browser Malware: 3
- Detection and Classification: 3
- Windows Artifacts: 3
- Network: 3
- Books: 2
- Memory Forensics: 2
- Storage and Workflow: 2
- File Carving: 1
Sub Categories
Keywords
- security: 7
- awesome: 5
- awesome-list: 4
- honeypot: 3
- list: 3
- python: 2
- ctf: 1
- security-experts: 1
- reading-list: 1
- owasp: 1
- curated: 1
- application-security: 1
- android: 1
- virustotal: 1
- shellcode: 1
- security-tools: 1
- low-interaction: 1
- honeyclient: 1
- client-honeypot: 1
- scada: 1
- ics: 1
- threatintel: 1
- threat-sharing: 1
- threat-analysis: 1
- telnet-honeypot: 1
- telnet: 1
- ssh: 1
- sftp: 1
- scp: 1
- kippo: 1
- decoy: 1
- deception: 1
- cowrie-ssh: 1
- cowrie: 1
- attacker: 1
- incident-response-tooling: 1
- incident-response: 1
- dfir: 1
- cybersecurity: 1
- honeyd: 1
- hacking: 1
- penetration: 1