Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
paralax-awesome-malware-analysis
https://github.com/r3p3r/paralax-awesome-malware-analysis
Last synced: 5 days ago
Books
Other Resources
- Malware Analyst's Cookbook and DVD
- Real Digital Forensics - Computer Security and Incident Response
- The Art of Memory Forensics - Detecting
Memory Forensics
Other Resources
- Rekall - Memory analysis framework,
- BlackLight - Windows/MacOS forensics
- FindAES - Find AES
Open Source Threat Intelligence
Tools
- IntelMQ
- AlienVault Open Threat Exchange - Share and
- ThreatCrowd - A search engine for threats,
Other Resources
- Bambenek Consulting Feeds
- Fidelis Barncat
- CI Army - badguys.txt
- Critical Stack - Free Intel Market - Free
- Cybercrime tracker - Multiple botnet active tracker.
- FireHOL IP Lists - Analytics for 350+ IP lists
- Internet Storm Center (DShield) - Diary and
- malc0de - Searchable incident database.
- Palevo Blocklists - Botnet
- Ransomware overview
- MITRE
- threatRECON - Search for indicators, up to 1000
- ZeuS Tracker - ZeuS
- Autoshun
- STIX - Structured Threat Information eXpression
- MAEC - Malware Attribute Enumeration and Characterization
- TAXII - Trusted Automated eXchange of Indicator Information
- Metadefender.com Threat Intelligence Feeds
Documents and Shellcode
Other Resources
- peepdf - Python
- diStorm - Disassembler for analyzing
- JS Deobfuscator
- libemu - Library and tools for x86 shellcode
- OfficeMalScanner - Scan for
- olevba - A script for parsing OLE
- Origami PDF - A tool for
- PDF Tools - pdfid,
- QuickSand - QuickSand is a compact C framework
- Spidermonkey
- JS Beautifier - JavaScript unpacking and deobfuscation.
Malware Collection
Anonymizers
- OpenVPN - VPN software and hosting solutions.
- Privoxy - An open source proxy server with some
- Tor - The Onion Router, for browsing the web
- Anonymouse.org - A free, web based anonymizer.
Malware Corpora
- Exploit Database - Exploit and shellcode
- MalwareDB - Malware samples repository.
- Open Malware Project - Sample information and
- Tracker h3x - Aggregator for malware corpus tracker
- ViruSign - Malware database that detected by
- VirusShare - Malware repository, registration
- Zeltser's Sources - A list
- Clean MX - Realtime
- VX Vault - Active collection of malware samples.
Honeypots
Detection and Classification
Other Resources
- ClamAV - Open source antivirus engine.
- packerid - A cross-platform
- totalhash.py - Python script
- Rootkit Hunter - Detect Linux rootkits.
- PEV - A multiplatform toolkit to work with PE
- ssdeep - Compute fuzzy hashes.
Online Scanners and Sandboxes
Other Resources
- AndroTotal - Free online analysis of APKs
- AVCaesar - Malware.lu online scanner and
- Cuckoo Sandbox - Open source, self hosted
- DeepViz - Multi-format file analyzer with
- firmware.re - Unpacks, scans and analyzes almost any firmware package.
- Hybrid Analysis - Online malware
- IRMA - An asynchronous and customizable
- Jotti - Free online multi-AV scanner.
- Malware config - Extract, decode and display online
- Malwr - Free analysis with an online Cuckoo Sandbox
- MASTIFF Online - Online static
- NetworkTotal - A service that analyzes
- SandDroid - Automatic and complete
- Zeltser's List - Free
Domain Analysis
Other Resources
- SenderBase - Search for IP, domain or network
- SpamCop - IP based spam block list.
- SpamHaus - Block list based on
- Sucuri SiteCheck - Free Website Malware
- TekDefense Automater - OSINT tool
- Whois - DomainTools free online whois
- Zeltser's List - Free
- Dig - Free online dig and other
- Multi rbl - Multiple DNS blacklist and forward
- URLQuery - Free URL Scanner.
Browser Malware
File Carving
Deobfuscation
Other Resources
- Balbuzard - A malware
- ex_pe_xor
- iheartxor
- XORSearch & XORStrings
Debugging and Reverse Engineering
Other Resources
- bamfdetect - Identifies and extracts
- Binary Ninja - A reverse engineering platform that is an alternative to IDA.
- Bokken - GUI for Pyew and Radare.
- IDA Pro - Windows
- Immunity Debugger - Debugger for
- Kaitai Struct - DSL for file formats / network protocols /
- ltrace - Dynamic analysis for Linux executables.
- objdump - Part of GNU binutils,
- OllyDbg - An assembly-level debugger for Windows
- PPEE (puppy) - A Professional PE file Explorer for
- RegShot - Registry compare utility that compares snapshots.
- strace - Dynamic analysis for
- x64dbg - An open-source x64/x32 debugger for Windows.
- LIEF - LIEF provides a cross-platform library
- FPort - Reports
- Process Monitor
Network
Other Resources
- Haka - An open source security oriented
- mitmproxy - Intercept network traffic on the fly.
- Wireshark - The network traffic analysis
- CloudShark - Web-based tool for packet analysis
- tcpxtract - Extract files from network
Windows Artifacts
Other Resources
- python-registry - Python
- RegRipper (GitHub)
Storage and Workflow
Miscellaneous
Other Resources
- Binarly - Search engine for bytes in a large
- Malware Museum - Collection of
- REMnux - Linux distribution and docker images for
- Santoku Linux - Linux distribution for mobile
Twitter
Other
Other Resources
- Malicious Software - Malware
- Practical Malware Analysis Starter Kit
- WindowsIR: Malware - Harlan
- Windows Registry specification - Windows registry file format specification.
- /r/csirt_tools - Subreddit for CSIRT tools and malware analysis
- /r/Malware - The malware subreddit.
- /r/ReverseEngineering
- Android Security
- AppSec
- CTFs
- "Hacking"
- Honeypots
- Incident-Response
- PCAP Tools
- Security