Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Malware

Malware can take various forms, including viruses, worms, Trojans, ransomware, spyware, and more. Its primary goal is to compromise the integrity, confidentiality, or availability of information, often for financial gain, espionage, or other malicious purposes.

https://github.com/forrest-orr/artifacts-kit

Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.

artifact dll forensics generator header hollowing kit malware mirroring moating pe phtnaom shellcode wiping

Last synced: 14 Nov 2024

https://github.com/gleeda/memtriage

Allows you to quickly query a Windows machine for RAM artifacts

live-analysis malware memory memory-analysis memory-forensics ram volatility windows-machine winpmem

Last synced: 27 Oct 2024

https://github.com/nullarray/cypher

Pythonic ransomware proof of concept.

encryption encryption-key malware ransomware virus

Last synced: 14 Nov 2024

https://github.com/d3ext/hooka

Shellcode loader generator with multiple features

golang malware red-team

Last synced: 14 Nov 2024

https://github.com/AdroitAdorKhan/EnergizedProtection

A merged collection of hosts from reputable sources. #StayEnergized!

ad-block ad-blocker adblock malware porn spam

Last synced: 03 Aug 2024

https://github.com/Cr4sh/PeiBackdoor

PEI stage backdoor for UEFI compatible firmware

backdoor boot firmware intel malware pei uefi

Last synced: 04 Aug 2024

https://github.com/prodaft/malware-ioc

This repository contains indicators of compromise (IOCs) of our various investigations.

apt cybersecurity ioc malware malware-detection malware-research ransomware threat-hunting threat-intelligence threatintel threatintelligence ttp

Last synced: 06 Nov 2024

https://github.com/evilsocket/sauron

A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.

malware scanner signature signatures virus yara

Last synced: 28 Oct 2024

https://github.com/checkpointsw/showstopper

ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.

anti-debug malware research

Last synced: 12 Nov 2024

https://github.com/fallenastaroth/stink

🚀 Stealer built on built-in libraries only, which doesn't create any temp files while collecting data, with 4 sending methods and lots of functionality.

malware no-dependencies python stealer trojan virus windows

Last synced: 05 Nov 2024

https://github.com/nyan-x-cat/lime-miner

A simple hidden silent XMR miner.

cpu hidden malware miner mining monero xmr

Last synced: 26 Sep 2024

https://github.com/evilsocket/ergo-pe-av

🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.

antivirus api ergo gpu keras machine-learning malware

Last synced: 28 Oct 2024

https://github.com/nazywam/autoit-ripper

Extract AutoIt scripts embedded in PE binaries

autoit extraction malware

Last synced: 14 Nov 2024

https://github.com/nyan-x-cat/limeusb-csharp

Malware USB Spread | Example C#

backdoor badusb malware spread spreading usb

Last synced: 16 Nov 2024

https://github.com/qeeqbox/url-sandbox

Scalable URL Sandbox for analyzing URLs and Domains from phishing attacks

ads analyzer analyzing-urls docker domain malware phishing python sandbox url websites

Last synced: 15 Nov 2024

https://github.com/grazfather/practicalmalwarelabs

Keep track of the labs from the book "Practical Malware Analysis"

malware practical-malware-analysis reverse-engineering writeup

Last synced: 27 Oct 2024

https://github.com/P4T12ICK/ypsilon

Automated Use Case Testing

ansible cuckoo elk malware security siem splunk use-case

Last synced: 16 Nov 2024

https://github.com/cocomelonc/meow

Cybersecurity research results. Simple C/C++ and Python implementations

cryptography cybersecurity hacking malware malware-analysis malware-research mathematics maths research

Last synced: 09 Nov 2024

https://github.com/Karneades/malware-persistence

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

malware malware-analysis malware-detection malware-persistence persistence threat-hunting threat-intelligence

Last synced: 28 Oct 2024

https://github.com/duggytuxy/malicious_ip_addresses

Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space

botnets cyber-threat-intelligence cybersecurity ddos ipaddresses ipv4 malicious malware zombies

Last synced: 01 Nov 2024

https://github.com/NVISOsecurity/binsnitch

Detect silent (unwanted) changes to files on your system

infosec integrity-monitoring malware malware-analysis

Last synced: 09 Nov 2024

https://github.com/brosck/reaper

「💀」Proof of concept on BYOVD attack

byovd development hacking malware offensivesecurity redteam security windows

Last synced: 13 Nov 2024

https://github.com/PI-Defender/pi-defender

Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.

anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows

Last synced: 09 Nov 2024

https://github.com/moistcoder/cockygrabber

C# library for the collection of browser information such as cookies, logins, bookmarks and more

bookmark browser c c-sharp chromium cookie csharp csharp-code csharp-library download grabber history lib library login malware net netframework password stealer

Last synced: 12 Oct 2024

https://github.com/jpcertcc/malconfscan-with-cuckoo

Cuckoo Sandbox plugin that extracts configuration data of known malware

cuckoo-sandbox malware memory python security volatility

Last synced: 05 Nov 2024

https://github.com/NuclearPhoenixx/fake-sandbox

👁‍🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.

antivirus fake malware powershell process sandbox spyware tool windows windows-10

Last synced: 10 Sep 2024

https://github.com/mrexodia/lolbin-poc

Small PoC of using a Microsoft signed executable as a lolbin.

edr-bypass malware poc redteam redteam-tools redteaming windbg windbg-extension

Last synced: 27 Oct 2024

https://github.com/santosomar/who_and_what_to_follow

Who and what to follow in the world of cyber security

cyber-security cybersecurity incident-response malware network news security

Last synced: 03 Aug 2024

https://github.com/pelock/simple-polymorphic-engine-spe32

Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.

assembler decryption encryption junk-instructions malware malware-analysis masm masm32 polymorphic-engine polymorphic-engines reverse-engineering shellcode virus win32asm

Last synced: 12 Oct 2024

https://github.com/testingpens/malwarepersistencescripts

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

blueteam living-off-the-land malware persistence powershell redteam

Last synced: 03 Aug 2024

https://github.com/hasherezade/antianalysis_demos

Set of anti-analysis techniques found in malware

antidebug malware malware-evasion

Last synced: 29 Oct 2024

https://github.com/nyan-x-cat/lime-downloader

Simple Malware Downloader

downloader loader malware

Last synced: 16 Nov 2024

https://github.com/ivan-sincek/php-ransomware

PHP ransomware that encrypts your files, as well as file and directory names.

defensive-security ethical-hacking malware offensive-security openssl php ransomware reverse-engineering security

Last synced: 01 Nov 2024

https://github.com/telekom-security/malware_analysis

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

cti malware malware-analysis malware-research reverse-engineering

Last synced: 07 Nov 2024

https://github.com/guitmz/Fe2O3

Simple prepender virus written in Rust

elf linux malware rust virus

Last synced: 03 Nov 2024

https://github.com/peterdavehello/url-shorteners

A comprehensive, high-quality URL shorteners domain list for whitelist/allowlist or blacklist/blocklist purposes, utilized by NextDNS, ControlD, RethinkDNS, dnslow.me, and other OSINT projects.

adguard-blocklist allowlist blacklist blocking blocklist cyber-security dns dnsbl domain hacktoberfest hosts malware osint phishing pihole privacy security threat-intelligence url-shortener whitelist

Last synced: 17 Oct 2024

https://github.com/mitchellkrogza/badd-boyz-hosts

A hosts file for use on any operating system to block bad domains out of your servers or devices.

adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows

Last synced: 27 Oct 2024

https://github.com/nullarray/archivist

A ctypes powered python keylogger.

keylogger malware python security

Last synced: 14 Oct 2024

https://github.com/brakmic/sinkholes

:bug: Malware Sinkhole List in various formats

csv infosec malware sinkhole xlsx

Last synced: 08 Nov 2024

https://github.com/reveng007/checkhooks-n-load

A Windows stager-cum-PELoader focusing on dynamic EDR evasion, as well as FUD till now (03/03/23), for when the operator wants to know the underlying function hooks and then craft an implant based on that condition.

av evasion implant loader malware redteam stager windows

Last synced: 12 Nov 2024

https://github.com/CosmodiumCS/MalwareDNA

This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D

hak5 malware malware-analysis malware-development

Last synced: 07 Sep 2024

https://github.com/0x48piraj/incarcero

Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malware analysis without any user interaction.

malware malware-analysis malware-detection malware-research malware-samples research security

Last synced: 10 Nov 2024

https://github.com/reveng007/reflectiventdll

A Dropper POC with a focus on aiding in EDR evasion: NTDLL unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via the SystemFunction033 NtApi, and no new thread via Fiber.

antivirus bypass bypass-antivirus dropper edr evasion fiber implant malware ntdll-unhooking process-injection systemfunction033

Last synced: 12 Nov 2024

https://github.com/openclarity/vmclarity

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

agentless cloud exploits leaked-secrets malware misconfigurations rootkits sbom secrets-detection security vulnerabilities vulnerability-scanners

Last synced: 15 Nov 2024

https://github.com/jpcertcc/impfuzzy

Fuzzy Hash calculated from import API of PE files

clustering impfuzzy malware neo4j python security volatility

Last synced: 05 Nov 2024

https://github.com/alichtman/malware-techniques

A collection of techniques commonly used in malware to accomplish core tasks.

linux macos malware malware-analysis malware-development malware-research reverse-engineering

Last synced: 27 Oct 2024

https://github.com/nyan-x-cat/dropless-malware

Download a payload and make it run from the registry without dropping.

backdoor downloader drop dropper malware persistence

Last synced: 08 Nov 2024

https://github.com/te-k/pecli

CLI tool to analyze PE files

malware malware-analysis reverse-engineering

Last synced: 14 Oct 2024

https://github.com/clrxbl/nekoclient

Deobfuscated June 2023 CurseForge malware ("fractureiser") stage 3 payload

2023 curseforge fractureiser malware minecraft

Last synced: 11 Nov 2024

https://github.com/peterdavehello/threat-hostlist

Comprehensive domain blocklists for 🚨 threats (🕷malware, 🎣phishing, 🕵️spyware, 🤖botnets). Ideal for DNS-based filtering tools like Pi-Hole, AdGuard Home, Blocky.

adguard-blocklist blocklist botnets cybersecurity dns domain hacktoberfest hosts infosec malware osint phishing ransomware security spyware threat-intelligence threats

Last synced: 02 Nov 2024

https://github.com/qeeqbox/mitre-visualizer

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

advanced-persistent-threat attack malware mitre network-graph tactic technique tool

Last synced: 15 Nov 2024

https://github.com/sisoma2/shellcodeloader

Small tool to load shellcodes or PEs to analyze them

breakpoint malware malware-analysis shellcode visual-studio windows

Last synced: 16 Oct 2024

https://github.com/mueller-ma/block-ads-via-dns

Block ads and malware via local DNS server

debian-server dns-server malware

Last synced: 07 Nov 2024

https://github.com/lennolium/privacyshield

A comprehensive All-in-One AdGuard Filter List optimized for DNS level blocking of Ads, Analytics, Tracking, Malware & Scam.

ad-blocker adblock adguard ads analytics blacklist blocklist dns filter hosts malware phishing pi-hole privacy protection scam security tracking whitelist

Last synced: 10 Oct 2024

https://github.com/ryuchen/panda-sandbox

This is a revised version of the sandbox based on the open-source version of Cuckoo; this version was built entirely to fit the software environment in China.

cuckoo cuckoo-sandbox malware malware-analysis sandbox security

Last synced: 28 Oct 2024

https://github.com/hackthedev/teardrop

Open-Source Ransomware Project for learning purposes only, written in C# (csharp). Don't use it for bad things.

csharp educational educational-project encryption executeable gpl3 gplv3 leaning learning-by-doing malicious malware ransomware virus windows

Last synced: 04 Aug 2024

https://github.com/mgeeky/msi-shenanigans

Proof of Concept code and samples presenting emerging threat of MSI installer files.

malware red-team security

Last synced: 29 Oct 2024

https://github.com/billythegoat356/vulture

Vulture is a tool allowing you to access all the files on a second computer from your terminal.

cd client dir directories directory dirs file files ftp ls malware server tcp udp

Last synced: 10 Nov 2024

https://github.com/albertzsigovits/malware-tools

A curated list of malware repositories, trackers and malware analysis tools

malware malware-analysis malware-research malware-tools malwareanalysis reverse-engineering

Last synced: 03 Aug 2024

https://github.com/adrianlois/dfir-detection-engineering

Digital Forensics Incident Response and Detection engineering: forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors to evade protection and monitoring systems.

anti-forense artefactos artefacts cybersecurity deteccion detection-engineering dfir digital-forensics evidencias forense forensics incident-response linux macosx malware security tips tricks windows

Last synced: 14 Nov 2024

https://github.com/deadbits/malware-analysis-scripts

Collection of scripts for different malware analysis tasks

malware malware-analysis malware-research reverse-engineering

Last synced: 03 Aug 2024

https://github.com/peterdavehello/chkdomain

🔍 Discover if a domain is resolvable or blocked by secure DNS and Ad-blocking services, and experience the innovative idea of DaaS - DNS as an Intelligence Service.

adblock cybersecurity dns domain filter hacktoberfest infosec malware osint phishing security threat-intelligence

Last synced: 09 Nov 2024

https://github.com/wurstcommander/win10appremove

A Powershell-Script for removing / debloating Windows 10 apps. Mandatory apps which can't be uninstalled via start menu will be removed too.

appstore appxpackages bloatware debloat debloater explorer folders libraries malware microsoft powershell-script preinstalled regedit remove remover win10 windows windows10 windowsapp windowsstore

Last synced: 11 Oct 2024

https://github.com/pchaigno/dga-collection

A collection of known Domain Generation Algorithms

dga dga-collection malware

Last synced: 28 Oct 2024

https://github.com/darkcodersc/inno-shellcode-example

Run shellcode through InnoSetup code engine.

inno inno-setup malware shellcode windows

Last synced: 28 Oct 2024

https://github.com/byt3n33dl3/thefatrat_v2

TheFatRat: a remote access and exploitation tool, used as a deadly backdoor generator that bypasses most anti-virus software. Penetrates strong systems such as Windows, MacOS, Android, and iOS

autorun backdoor bypass-av linux malware msfvenom remoteaccess shellcode thefatrat trojan

Last synced: 15 Nov 2024

https://github.com/darkempire78/windows-keylogger

A Windows keylogger undetected by all major anti-virus. Log keys, clipboard, window titles and send logs to a server.

antivirus keylogger keylogging malware malware-sample windows windows-keylogger

Last synced: 15 Nov 2024

https://github.com/cvar1984/sussyfinder

Single-file PHP webshell scanner to detect potentially malicious backdoors based on tokens and hashes, with a web interface and VirusTotal integration

antivirus backdoor forensics hacktoberfest malware malware-analysis php webshells

Last synced: 15 Nov 2024

https://github.com/zhuagenborn/goasm-rat

💻 A Windows console remote administration tool written in Go & Intel x86 Assembly. It supports remote shell and screenshot.

cybersecurity malware network remote-administration-tool socket windows

Last synced: 08 Nov 2024

https://github.com/zhuagenborn/windows-dll-injector

💉 A Windows dynamic-link library injection tool written in C++20. It can inject a dynamic-link library into a running process by its window title or create a new process with an injection.

cpp20 cybersecurity dll-inection malware windows

Last synced: 08 Nov 2024

https://github.com/nyan-x-cat/csharp-loader

Download a .NET payload and run it in memory

backdoor dropper loader malware payload stub

Last synced: 08 Nov 2024

https://github.com/nyan-x-cat/malwareshell

Create a powershell malware loader to run C#.cs code on runtime

backdoor downloader loader malware payload poweshell ps1

Last synced: 08 Nov 2024

https://github.com/machine1337/fudshell

An efficient script to generate a FUD persistent reverse shell for red teaming. Don't upload the generated stub to VirusTotal

antivirus-evasion evasion fud fud-rat hacking kali-linux machine1337 malware python rat redteaming reverse-shell windows windows-rat

Last synced: 10 Nov 2024

https://github.com/nyan-x-cat/njrat-0.7d-stub-csharp

njRAT C# Stub - Fixed For PowerShell

backdoor client malware njrat powershell rat stub

Last synced: 08 Nov 2024