Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-malware-analysis
https://github.com/ducdohb/awesome-malware-analysis
Last synced: 5 days ago
Open Source Threat Intelligence
Tools
- IntelMQ
- AlienVault Open Threat Exchange - Share and
- ThreatCrowd - A search engine for threats,
Other Resources
- Autoshun
- MAEC - Malware Attribute Enumeration and Characterization
- TAXII - Trusted Automated eXchange of Indicator Information
- CI Army (badguys.txt)
- CRDF ThreatCenter - List of new threats detected
- FireHOL IP Lists - Analytics for 350+ IP lists
- Internet Storm Center (DShield) - Diary and
- malc0de - Searchable incident database.
- Palevo Blocklists - Botnet
- MITRE
- threatRECON - Search for indicators, up to 1000
- ZeuS Tracker - ZeuS
Malware Collection
Honeypots
Malware Corpora
- Clean MX - Realtime
- Exploit Database - Exploit and shellcode
- MalwareDB - Malware samples repository.
- Open Malware Project - Sample information and
- ViruSign - Malware database that detected by
- VirusShare - Malware repository, registration
- Zeltser's Sources - A list
Anonymizers
- Anonymouse.org - A free, web based anonymizer.
- OpenVPN - VPN software and hosting solutions.
- Privoxy - An open source proxy server with some
- Tor - The Onion Router, for browsing the web
Detection and Classification
Other Resources
- ClamAV - Open source antivirus engine.
- packerid - A cross-platform
- totalhash.py - Python script
Online Scanners and Sandboxes
Other Resources
- AndroTotal - Free online analysis of APKs
- AVCaesar - Malware.lu online scanner and
- Cuckoo Sandbox - Open source, self hosted
- DeepViz - Multi-format file analyzer with
- Hybrid Analysis - Online malware
- IRMA - An asynchronous and customizable
- Jotti - Free online multi-AV scanner.
- Malwr - Free analysis with an online Cuckoo Sandbox
- MASTIFF Online - Online static
- NetworkTotal - A service that analyzes
- Zeltser's List - Free
Domain Analysis
Other Resources
- SenderBase - Search for IP, domain or network
- SpamCop - IP based spam block list.
- SpamHaus - Block list based on
- Sucuri SiteCheck - Free Website Malware
- TekDefense Automator - OSINT tool
- URLQuery - Free URL Scanner.
- Whois - DomainTools free online whois
- Zeltser's List - Free
- Dig - Free online dig and other
Browser Malware
Documents and Shellcode
Other Resources
- diStorm - Disassembler for analyzing
- JS Deobfuscator
- libemu - Library and tools for x86 shellcode
- OfficeMalScanner - Scan for
- olevba - A script for parsing OLE
- Origami PDF - A tool for
- PDF Tools - pdfid,
- QuickSand - QuickSand is a compact C framework
- Spidermonkey
File Carving
Other Resources
- Hachoir - A collection of Python
Deobfuscation
Other Resources
- Balbuzard - A malware
- ex_pe_xor
- iheartxor
- XORSearch & XORStrings
Debugging and Reverse Engineering
Other Resources
- bamfdetect - Identifies and extracts
- Bokken - GUI for Pyew and Radare.
- IDA Pro - Windows
- Immunity Debugger - Debugger for
- ltrace - Dynamic analysis for Linux executables.
- objdump - Part of GNU binutils,
- OllyDbg - An assembly-level debugger for Windows
- PPEE (puppy) - A Professional PE file Explorer for
- strace - Dynamic analysis for
- X64dbg - An open-source x64/x32 debugger for Windows.
Network
Memory Forensics
Windows Artifacts
Other Resources
- python-registry - Python
- RegRipper
- GitHub
Storage and Workflow
Miscellaneous
Other Resources
- Binarly - Search engine for bytes in a large
- REMnux - Linux distribution and docker images for
- Santoku Linux - Linux distribution for mobile
Twitter
Other
Other Resources
- Malicious Software - Malware
- Practical Malware Analysis Starter Kit
- WindowsIR: Malware - Harlan
- Windows Registry specification - Windows registry file format specification.
- /r/csirt_tools - Subreddit for CSIRT
- malware analysis
- /r/Malware - The malware subreddit.
- /r/ReverseEngineering
- Android Security
- AppSec
- CTFs
- "Hacking"
- Honeypots
- Incident-Response
- PCAP Tools
- Security
Books
Other Resources
Programming Languages
Categories
- Malware Collection: 18
- Other: 16
- Twitter: 16
- Open Source Threat Intelligence: 15
- Online Scanners and Sandboxes: 11
- Debugging and Reverse Engineering: 10
- Domain Analysis: 9
- Documents and Shellcode: 9
- Deobfuscation: 4
- Miscellaneous: 3
- Browser Malware: 3
- Detection and Classification: 3
- Windows Artifacts: 3
- Network: 3
- Books: 2
- Memory Forensics: 2
- Storage and Workflow: 2
- File Carving: 1
Sub Categories
Keywords
- security: 7
- awesome: 5
- awesome-list: 4
- honeypot: 3
- list: 3
- python: 2
- ctf: 1
- security-experts: 1
- reading-list: 1
- owasp: 1
- curated: 1
- application-security: 1
- android: 1
- virustotal: 1
- shellcode: 1
- security-tools: 1
- low-interaction: 1
- honeyclient: 1
- client-honeypot: 1
- scada: 1
- ics: 1
- threatintel: 1
- threat-sharing: 1
- threat-analysis: 1
- telnet-honeypot: 1
- telnet: 1
- ssh: 1
- sftp: 1
- scp: 1
- kippo: 1
- decoy: 1
- deception: 1
- cowrie-ssh: 1
- cowrie: 1
- attacker: 1
- incident-response-tooling: 1
- incident-response: 1
- dfir: 1
- cybersecurity: 1
- honeyd: 1
- hacking: 1
- penetration: 1