Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-malware-analysis
A curated list of awesome malware analysis tools and resources
https://github.com/shmilylty/awesome-malware-analysis
Last synced: about 20 hours ago
Domain Analysis
Other Resources
- SenderBase - Search for IP, domain or network
- SpamCop - IP based spam block list.
- SpamHaus - Block list based on
- Sucuri SiteCheck - Free Website Malware
- Whois - DomainTools free online whois
- Zeltser's List - Free
- Zscaler Zulu - Zulu URL Risk Analyzer.
- Dig - Free online dig and other
- Multi RBL - Multiple DNS blacklist and forward
- URLQuery - Free URL Scanner.
- TekDefense Automater - OSINT tool
Books
Other Resources
- The Rootkit Arsenal - The Rootkit Arsenal:
- Practical Reverse Engineering - Intermediate Reverse Engineering
- Malware Analyst's Cookbook and DVD
- Practical Malware Analysis - The Hands-On Guide
- Real Digital Forensics - Computer Security and Incident Response
- The Art of Memory Forensics - Detecting
- The IDA Pro Book - The Unofficial Guide
Twitter
Other
Other Resources
- Malicious Software - Malware
- Honeypots
- Practical Malware Analysis Starter Kit
- WindowsIR: Malware - Harlan
- Windows Registry specification - Windows registry file format specification.
- /r/csirt_tools - Subreddit for CSIRT
- Incident-Response
- PCAP Tools
- Security
- malware analysis
- /r/Malware - The malware subreddit.
- /r/ReverseEngineering
- Android Security
- AppSec
- CTFs
- "Hacking"
Malware Collection
Honeypots
Malware Corpora
- Clean MX - Realtime
- Exploit Database - Exploit and shellcode
- MalwareDB - Malware samples repository.
- Open Malware Project - Sample information and
- Tracker h3x - Aggregator for malware corpus tracker
- ViruSign - Malware database of samples detected by
- VirusShare - Malware repository, registration
- Zeltser's Sources - A list
- VX Vault - Active collection of malware samples.
Anonymizers
- Anonymouse.org - A free, web based anonymizer.
- OpenVPN - VPN software and hosting solutions.
- Privoxy - An open source proxy server with some
- Tor - The Onion Router, for browsing the web
Open Source Threat Intelligence
Tools
- AlienVault Open Threat Exchange - Share and
- PassiveTotal - Research, connect, tag and
- ThreatCrowd - A search engine for threats,
- IntelMQ
Other Resources
- Bambenek Consulting Feeds
- Fidelis Barncat
- CI Army (badguys.txt) -
- Critical Stack - Free Intel Market - Free
- Cybercrime tracker - Multiple botnet active tracker.
- FireHOL IP Lists - Analytics for 350+ IP lists
- Internet Storm Center (DShield) - Diary and
- malc0de - Searchable incident database.
- Palevo Blocklists - Botnet
- Ransomware overview
- MITRE
- threatRECON - Search for indicators, up to 1000
- ZeuS Tracker - ZeuS
- Metadefender.com Threat Intelligence Feeds
- STIX - Structured Threat Information eXpression
- MAEC - Malware Attribute Enumeration and Characterization
- TAXII - Trusted Automated eXchange of Indicator Information
- Autoshun
Windows Artifacts
Other Resources
- python-registry - Python
- RegRipper (GitHub)
Storage and Workflow
Miscellaneous
Other Resources
- Binarly - Search engine for bytes in a large
- Malware Museum - Collection of
- REMnux - Linux distribution and docker images for
- Santoku Linux - Linux distribution for mobile
Detection and Classification
Other Resources
- ClamAV - Open source antivirus engine.
- packerid - A cross-platform
- totalhash.py - Python script
- ExifTool - Read, write and
Network
Other Resources
- Wireshark - The network traffic analysis
- Haka - An open source security oriented
- mitmproxy - Intercept network traffic on the fly.
- CloudShark - Web-based tool for packet analysis
Memory Forensics
Other Resources
- BlackLight - Windows/MacOS forensics
- FindAES - Find AES
- Rekall - Memory analysis framework,
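FindAES, listed above, relies on a simple but robust observation: an AES key that is in use is almost always held in memory as its fully expanded key schedule, so a 16-byte window is a real AES-128 key if running FIPS-197 key expansion on it reproduces the 160 bytes that follow. The following is an added example written for this page, not FindAES's own code. It builds the S-box and key expansion from the specification, scans a buffer for windows that satisfy the schedule check, and runs against a constructed memory image (deterministic filler with one schedule embedded at a chosen offset); the demo key is the FIPS-197 Appendix A.1 test key.

```python
"""Locate AES-128 round keys in a memory image by validating the key schedule.

Added example for this page (not FindAES's own code). Everything below
(S-box, key expansion, the scanner, the test image) is built here from
FIPS-197; the embedded-schedule image is constructed, not captured.
"""


def gmul(a, b):
    """Multiply two bytes in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return r


def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def build_sbox():
    """AES S-box: multiplicative inverse followed by the FIPS-197 affine map."""
    inv = [0] * 256
    for a in range(1, 256):
        for b in range(1, 256):
            if gmul(a, b) == 1:
                inv[a] = b
                break
    sbox = []
    for a in range(256):
        x = inv[a]
        sbox.append(x ^ _rotl8(x, 1) ^ _rotl8(x, 2) ^ _rotl8(x, 3) ^ _rotl8(x, 4) ^ 0x63)
    return sbox


SBOX = build_sbox()


def expand_key_128(key):
    """FIPS-197 key expansion for AES-128: 16-byte key -> 176-byte schedule."""
    assert len(key) == 16
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 0x01
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = t[1:] + t[:1]                 # RotWord
            t = [SBOX[b] for b in t]          # SubWord
            t[0] ^= rcon
            rcon = gmul(rcon, 2)              # next round constant
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return bytes(b for word in w for b in word)


def find_aes128_keys(image, step=1):
    """Return [(offset, key)] for every 16-byte window whose expansion matches
    the 160 bytes that follow it. Schedules are rarely aligned, so step=1 by
    default; step=4 or 8 is a common speed-up on real images."""
    hits = []
    for off in range(0, len(image) - 176 + 1, step):
        cand = image[off:off + 16]
        # Cheap pre-check: derive only the first word of round key 1 first.
        t = [SBOX[b] for b in (cand[13], cand[14], cand[15], cand[12])]
        t[0] ^= 0x01
        w4 = bytes(cand[j] ^ t[j] for j in range(4))
        if image[off + 16:off + 20] != w4:
            continue
        if expand_key_128(cand) == image[off:off + 176]:
            hits.append((off, bytes(cand)))
    return hits


def constructed_image(key, key_offset=300):
    """Constructed test image: 1024 bytes of deterministic filler with one
    expanded schedule embedded at key_offset."""
    filler = bytearray(bytes(range(256)) * 4)
    filler[key_offset:key_offset + 176] = expand_key_128(key)
    return bytes(filler)


if __name__ == "__main__":
    demo_key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 A.1 key
    for off, key in find_aes128_keys(constructed_image(demo_key)):
        print(f"AES-128 key schedule at offset {off:#x}: {key.hex()}")
```

Extending this to AES-192/256 is the same idea with a 24- or 32-byte window and the longer schedule (208 and 240 bytes). The check is immune to ordinary obfuscation of the key bytes themselves, but it only finds keys that were expanded in the plain FIPS-197 layout; implementations that keep a bit-sliced or hardware-specific schedule will not match.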
Online Scanners and Sandboxes
Other Resources
- AndroTotal - Free online analysis of APKs
- AVCaesar - Malware.lu online scanner and
- Cuckoo Sandbox - Open source, self hosted
- DeepViz - Multi-format file analyzer with
- firmware.re - Unpacks, scans and analyzes almost any firmware package.
- Hybrid Analysis - Online malware
- IRMA - An asynchronous and customizable
- Jotti - Free online multi-AV scanner.
- Malware config - Extract, decode and display online
- Malwr - Free analysis with an online Cuckoo Sandbox
- MASTIFF Online - Online static
- NetworkTotal - A service that analyzes
- SandDroid - Automatic and complete
- Zeltser's List - Free
Browser Malware
Documents and Shellcode
Other Resources
- diStorm - Disassembler for analyzing
- JS Deobfuscator
- libemu - Library and tools for x86 shellcode
- OfficeMalScanner - Scan for
- olevba - A script for parsing OLE
- Origami PDF - A tool for
- PDF Tools - pdfid,
- QuickSand - A compact C framework
- Spidermonkey
- peepdf - Python
- JS Beautifier - JavaScript unpacking and deobfuscation.
File Carving
Other Resources
- Hachoir - A collection of Python
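Carving a PE out of an unstructured blob (a memory dump, slack space, an unpacked dropper) cannot rely on file boundaries: after matching an "MZ" signature the carver has to validate the IMAGE_NT_HEADERS link and derive the on-disk size from the section table, otherwise it either under-carves or swallows the next file. The following is an added example for this page, not Hachoir's own code. The minimal PE32 it carves is constructed inline; the `0x1000` cap on `e_lfanew` and the 96-section limit are sanity checks chosen here to reject random data quickly.

```python
"""Carve PE files out of an unstructured blob by walking their headers.

Added example for this page (not Hachoir's own code). File size is taken as
max(PointerToRawData + SizeOfRawData) over the section table, which is what
bounds the carved copy; the input PE is constructed by build_minimal_pe().
"""
import struct

SECTION_HEADER_SIZE = 40


def pe_size_at(blob, off):
    """Return the byte length of the PE starting at `off`, or None if the
    headers there are not a consistent PE. The result is clamped to the blob
    so a truncated tail is carved rather than skipped."""
    if blob[off:off + 2] != b"MZ" or off + 0x40 > len(blob):
        return None
    e_lfanew = struct.unpack_from("<I", blob, off + 0x3C)[0]
    pe = off + e_lfanew
    # e_lfanew cap is a heuristic chosen for this example, not a PE rule.
    if e_lfanew > 0x1000 or pe + 24 > len(blob) or blob[pe:pe + 4] != b"PE\0\0":
        return None
    nsections = struct.unpack_from("<H", blob, pe + 6)[0]
    opt_size = struct.unpack_from("<H", blob, pe + 20)[0]
    table = pe + 24 + opt_size
    end = table + nsections * SECTION_HEADER_SIZE        # at least the headers
    if nsections == 0 or nsections > 96 or end > len(blob):
        return None
    for i in range(nsections):
        # SizeOfRawData and PointerToRawData sit at +16 and +20 in each entry.
        raw_size, raw_ptr = struct.unpack_from("<II", blob, table + i * SECTION_HEADER_SIZE + 16)
        if raw_ptr and raw_size:
            end = max(end, off + raw_ptr + raw_size)
    return min(end, len(blob)) - off


def carve_pe(blob):
    """Return [(offset, bytes)] for every PE found; scanning resumes after each
    carved file so an "MZ" inside a carved section is not reported again."""
    found, pos = [], 0
    while True:
        pos = blob.find(b"MZ", pos)
        if pos == -1:
            return found
        size = pe_size_at(blob, pos)
        if size is None:
            pos += 1
            continue
        found.append((pos, blob[pos:pos + size]))
        pos += size


def build_minimal_pe(payload, raw_ptr=0x200):
    """Constructed PE32 with a single .text section holding `payload`."""
    e_lfanew, opt_size = 0x40, 0xE0
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x0102)
    optional = b"\x0b\x01" + b"\0" * (opt_size - 2)      # PE32 magic, rest zeroed
    section = b".text\0\0\0" + struct.pack("<IIII", len(payload), 0x1000, len(payload), raw_ptr)
    section += struct.pack("<IIHHI", 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + optional + section).ljust(raw_ptr, b"\0")
    return headers + payload


if __name__ == "__main__":
    pe = build_minimal_pe(b"\xcc" * 64)
    blob = b"\xaa" * 100 + pe + b"\xbb" * 50 + b"MZ-not-a-pe"
    for off, data in carve_pe(blob):
        print(f"carved {len(data)} bytes at offset {off:#x}")
```

Overlay data appended after the last section (installers, signed binaries, some packers) is not covered by the section table, so a production carver should additionally read the security directory and any known overlay formats before deciding where the file ends.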
Deobfuscation
Other Resources
- Balbuzard - A malware
- ex_pe_xor
- iheartxor
- XORSearch & XORStrings
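The tools above share one technique: brute-force a small key space (single-byte XOR, and in XORSearch's case also ROL/ROT variants) and look for something an analyst expects in the decoded output. The following is an added example for this page, not the code of XORSearch, Balbuzard or the other tools listed. It shows two checks: a known-plaintext search for the DOS stub text, and a structural check that a blob is an XOR-encoded PE (decoded bytes start with "MZ" and `e_lfanew` points at "PE\0\0"), which still works when the stub text has been stripped. The encoded sample is constructed inline.

```python
"""Single-byte XOR key recovery in the style of XORSearch/XORStrings.

Added example for this page, not the tools' own code. The encoded sample
below is constructed (a fake PE header carrying the DOS stub text).
"""
import struct

DOS_STUB_TEXT = b"This program cannot be run in DOS mode"


def xor_bytes(data, key):
    """XOR every byte with a single-byte key (encoding and decoding are the same)."""
    return bytes(b ^ key for b in data)


def xorsearch(data, needle):
    """Return [(key, offset)] for every single-byte key under which `needle`
    appears in the decoded data. Key 0 (already plaintext) is reported too."""
    hits = []
    for key in range(256):
        decoded = xor_bytes(data, key)
        pos = decoded.find(needle)
        while pos != -1:
            hits.append((key, pos))
            pos = decoded.find(needle, pos + 1)
    return hits


def xored_pe_key(data):
    """Return the single-byte key under which `data` decodes to a PE file, or
    None. This checks the MZ -> e_lfanew -> PE header linkage rather than a
    string, so stripping the DOS stub text does not defeat it."""
    if len(data) < 0x40:
        return None
    for key in range(256):
        if data[0] ^ key != 0x4D or data[1] ^ key != 0x5A:       # "MZ"
            continue
        e_lfanew = struct.unpack("<I", xor_bytes(data[0x3C:0x40], key))[0]
        if e_lfanew + 4 > len(data):
            continue
        if xor_bytes(data[e_lfanew:e_lfanew + 4], key) == b"PE\0\0":
            return key
    return None


def constructed_sample(key):
    """Constructed stand-in for an encoded dropper payload: a fake PE header
    (DOS header, stub text at 0x40, PE signature at 0x80) XORed with `key`."""
    e_lfanew = 0x80
    header = bytearray(b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew))
    header += b"\x0e\x1f\xba\x0e\x00\xb4\x09\xcd\x21" + DOS_STUB_TEXT + b".\r\n$"
    header = header.ljust(e_lfanew, b"\0") + b"PE\0\0" + b"\0" * 20
    return xor_bytes(bytes(header), key)


if __name__ == "__main__":
    blob = constructed_sample(0x5A)
    print("known-plaintext hits:", xorsearch(blob, DOS_STUB_TEXT))
    print("PE structure key:", hex(xored_pe_key(blob)))
```

Multi-byte rolling XOR keys are found the same way by aligning a known plaintext against the ciphertext (key[i] = cipher[i] ^ plain[i] for the first key-length bytes) and then checking that the recovered key decodes the rest consistently; the structural PE check above is the cheapest consistency test to run on each candidate.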
Debugging and Reverse Engineering
Other Resources
- bamfdetect - Identifies and extracts
- Binary Ninja - A reverse engineering platform that is an alternative to IDA.
- Bokken - GUI for Pyew and Radare.
- IDA Pro - Windows
- Immunity Debugger - Debugger for
- Kaitai Struct - DSL for file formats / network protocols /
- ltrace - Dynamic analysis for Linux executables.
- objdump - Part of GNU binutils,
- OllyDbg - An assembly-level debugger for Windows
- PPEE (puppy) - A Professional PE file Explorer for
- RegShot - Registry compare utility that compares snapshots.
- strace - Dynamic analysis for
- FPort - Reports
Categories (indexed entries per category)
- Open Source Threat Intelligence: 22
- Malware Collection: 18
- Other: 16
- Twitter: 16
- Online Scanners and Sandboxes: 14
- Debugging and Reverse Engineering: 13
- Domain Analysis: 11
- Documents and Shellcode: 11
- Books: 8
- Miscellaneous: 5
- Deobfuscation: 4
- Detection and Classification: 4
- Network: 4
- Browser Malware: 3
- Memory Forensics: 3
- Windows Artifacts: 3
- Storage and Workflow: 2
- File Carving: 1
Keywords (repository topics, with the number of indexed projects carrying each)
- security: 7
- awesome: 5
- awesome-list: 4
- honeypot: 3
- list: 3
- python: 2
- honeyd: 1
- cybersecurity: 1
- dfir: 1
- incident-response: 1
- incident-response-tooling: 1
- android: 1
- application-security: 1
- curated: 1
- owasp: 1
- reading-list: 1
- security-experts: 1
- ctf: 1
- penetration: 1
- hacking: 1
- ics: 1
- scada: 1
- dionaea: 1
- client-honeypot: 1
- honeyclient: 1
- low-interaction: 1
- security-tools: 1
- shellcode: 1
- virustotal: 1