Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Malware
Malware can take various forms, including viruses, worms, Trojans, ransomware, spyware, and more. Its primary goal is to compromise the integrity, confidentiality, or availability of information, often for financial gain, espionage, or other malicious purposes.
- GitHub: https://github.com/topics/malware
- Wikipedia: https://en.wikipedia.org/wiki/Malware
- Related Topics: virus, security, malware-analysis, cyber-attack, cyber-security, system-tracking, system-monitoring
- Aliases: computer-malware
- Last updated: 2025-01-24 00:18:27 UTC
https://github.com/KCarretto/paragon
Red Team engagement platform with the goal of unifying offensive tools behind a simple UI
api botnet command-and-control cross-platform dsl framework frontend golang graphql implants knowledge-graph malware malware-development offensive redteam scripting-language starlark threat-emulation toolkit
Last synced: 21 Nov 2024
https://github.com/ScriptTiger/Unified-Hosts-AutoUpdate
Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.
ad-blocker autoupdate autoupdate-script blacklist easy gambling-filter hosts install installer malware microsoft porn-filter scheduling social-media-filter unified-hosts uninstaller unsintall updater updater-script windows
Last synced: 11 Nov 2024
https://github.com/santoru/filewatcher
A simple auditing utility for macOS
auditing filesystem macos malware monitoring security-audit
Last synced: 24 Jan 2025
https://github.com/ThreatLabz/ransomware_notes
An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz
akira alphv blackbasta blackcat blacksuit cactus clop darkangels hive karakurt lockbit mallox malware malware-research medusa notes qilin ransomhub ransomware revil
Last synced: 06 Nov 2024
https://github.com/mitchellkrogza/the-big-list-of-hacked-malware-web-sites
This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
browsers click-jacking click-redirecting clickjacking cyber-security cybersecurity hacked malware petya porn ransomware technical-support trojans viruses wannacry website wordpress wordpress-site
Last synced: 20 Jan 2025
https://github.com/qeeqbox/analyzer
Analyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)
analysis analyzer malware malware-analysis osint phishing python visualizes
Last synced: 21 Jan 2025
https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites
This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
browsers click-jacking click-redirecting clickjacking cyber-security cybersecurity hacked malware petya porn ransomware technical-support trojans viruses wannacry website wordpress wordpress-site
Last synced: 04 Nov 2024
https://github.com/senzee1984/inflativeloading
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
Last synced: 21 Jan 2025
https://github.com/petercunha/goat
GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
decentralized golang hacking malware trojan
Last synced: 10 Jan 2025
https://github.com/petercunha/GoAT
GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
decentralized golang hacking malware trojan
Last synced: 14 Nov 2024
https://github.com/EvilBytecode/GoDefender
Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
anti-cracking anti-debug anti-vm debugger debugging malware protection reverse-engineering
Last synced: 05 Nov 2024
https://github.com/sapphirex00/Threat-Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
collection malware malware-analysis malware-detection malware-research threat-hunting threat-intelligence threat-modeling threat-sharing yara-rules
Last synced: 01 Nov 2024
https://github.com/A3sal0n/FalconGate
A smart gateway to stop cyber criminals - Sponsored by Falcon Guard
cybersecurity firewall malware security-tools
Last synced: 22 Nov 2024
https://github.com/kleiton0x00/shelltropy
A technique of hiding malicious shellcode via Shannon encoding.
encoding malware malware-analysis malware-development obfuscate obfuscation
Last synced: 23 Jan 2025
https://github.com/fallenastaroth/stink
🚀 Stealer on built-in libraries only, which doesn't create any temp files on data collecting, with 4 sending methods and lots of functionality.
malware no-dependencies python stealer trojan virus windows
Last synced: 22 Jan 2025
https://github.com/cybercentrecanada/assemblyline
AssemblyLine 4: File triage and malware analysis
assemblyline automation-framework cert cyber-security cybersecurity document-analysis file-analysis framework incident-response infosec malware malware-analysis malware-analyzer malware-detection malware-research python3 security-automation security-automation-framework security-tools
Last synced: 24 Jan 2025
https://github.com/CybercentreCanada/assemblyline
AssemblyLine 4: File triage and malware analysis
assemblyline automation-framework cert cyber-security cybersecurity document-analysis file-analysis framework incident-response infosec malware malware-analysis malware-analyzer malware-detection malware-research python3 security-automation security-automation-framework security-tools
Last synced: 25 Oct 2024
https://github.com/reveng007/reveng_rtkit
Linux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.
antirootkit-bypass backdoor c hacking-tool hacktoberfest kernel-mode-rootkit linux linux-device-driver linux-kernel linux-kernel-module malware post-exploitation-toolkit redteam redteam-tools ring0 rkhunter-antirootkit security security-tools
Last synced: 22 Jan 2025
https://github.com/MDudek-ICS/TRISIS-TRITON-HATMAN
Repository containing original and decompiled files of TRISIS/TRITON/HATMAN malware
ics ics-security malware python scada scada-security
Last synced: 21 Nov 2024
https://github.com/GetRektBoy724/MeterPwrShell
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
amsi av-evasion bypass bypass-amsi bypass-antivirus bypass-firewall bypass-uac fud malware metasploit metasploit-framework meterpreter one-liner payload stager windows
Last synced: 21 Nov 2024
https://github.com/forrest-orr/artifacts-kit
Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windows OS.
artifact dll forensics generator header hollowing kit malware mirroring moating pe phtnaom shellcode wiping
Last synced: 22 Jan 2025
https://github.com/gleeda/memtriage
Allows you to quickly query a Windows machine for RAM artifacts
live-analysis malware memory memory-analysis memory-forensics ram volatility windows-machine winpmem
Last synced: 27 Oct 2024
https://github.com/nullarray/cypher
Pythonic ransomware proof of concept.
encryption encryption-key malware ransomware virus
Last synced: 23 Jan 2025
https://github.com/evilsocket/sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
malware scanner signature signatures virus yara
Last synced: 11 Jan 2025
https://github.com/AdroitAdorKhan/EnergizedProtection
A merged collection of hosts from reputable sources. #StayEnergized!
ad-block ad-blocker adblock malware porn spam
Last synced: 18 Nov 2024
https://github.com/distyapps/stable-diffusion-pickle-scanner-gui
Pickle Scanner GUI
ai artificial-intelligence gui malware pickle python s stable-diffusion
Last synced: 17 Dec 2024
https://github.com/hazcod/ransomwhere
A PoC ransomware sample to test out your ransomware response strategy.
Last synced: 23 Jan 2025
https://github.com/err0r-ica/viridae
Virus - Trojans - Worms - Malwares
hacking hacking-tool hacking-tools kali kali-linux kali-scripts linux malware malware-analysis termux termux-hacking termux-tool termux-tools tool tools trojan trojan-rat virus worm worms
Last synced: 26 Jan 2025
https://github.com/prodaft/malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations.
apt cybersecurity ioc malware malware-detection malware-research ransomware threat-hunting threat-intelligence threatintel threatintelligence ttp
Last synced: 06 Nov 2024
https://github.com/0xDanielLopez/phishing_kits
Exposing phishing kits seen from phishunt.io
malware osint phishing phishing-attacks phishing-detection phishing-kit phishing-sites scam scam-sites
Last synced: 21 Nov 2024
https://github.com/aw-junaid/hacking-tools
This repository is a collection of different ethical hacking tools and malware for penetration testing and research purposes, written in Python, Ruby, Rust, C++, Go and C.
algorithms artificial-intelligence bugbounty cryptography cyber-threat-intelligence cybersecurity-projects ethical-hacking hacking-tools malware nessus network-monitoring network-security nmap portscanner python pythonprojects threat-intelligence virus-scanning
Last synced: 22 Jan 2025
https://github.com/cocomelonc/meow
Cybersecurity research results. Simple C/C++ and Python implementations
cryptography cybersecurity hacking malware malware-analysis malware-research mathematics maths research
Last synced: 25 Jan 2025
https://github.com/CheckPointSW/showstopper
ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
Last synced: 21 Nov 2024
https://github.com/checkpointsw/showstopper
ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
Last synced: 12 Nov 2024
https://github.com/mpast/mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
androguard android-security apk apk-analysis code-security defect-dojo django django-rest-framework docker malware malware-analysis mobile-audit mobile-security sast virustotal
Last synced: 02 Nov 2024
https://github.com/DevSpen/scam-links
Collection of phishing and malicious links that focuses on Steam and Discord scams.
discord discord-scams hacktoberfest links list malicious-domains malware nitro-scam phishing-detection phishing-links phishing-links-detection scam-api scam-links scam-sites scammer scammers scams steam steam-scams
Last synced: 08 Nov 2024
https://github.com/phylum-dev/birdcage
Cross-platform embeddable sandboxing
malware sandbox secure-software-supply-chain security security-tools software-supply-chain-security
Last synced: 25 Jan 2025
https://github.com/nazywam/autoit-ripper
Extract AutoIt scripts embedded in PE binaries
Last synced: 25 Jan 2025
https://github.com/anteater/anteater
Anteater - CI/CD Gate Check Framework
anteater circleci developer-tools development-enviroment devops devops-tools devsecops gate jenkins-pipeline malware regexp scanning security-audit travis-ci virus-total
Last synced: 24 Jan 2025
https://github.com/evilsocket/ergo-pe-av
🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
antivirus api ergo gpu keras machine-learning malware
Last synced: 11 Jan 2025
https://github.com/henriksb/extensionspoofer
Spoof file icons and extensions in Windows
extension-spoof file-spoof filespoof hack hacking malware spoof spoofing trojan virus
Last synced: 20 Nov 2024
https://github.com/grazfather/practicalmalwarelabs
Keep track of the labs from the book "Practical Malware Analysis"
malware practical-malware-analysis reverse-engineering writeup
Last synced: 27 Oct 2024
https://github.com/Karneades/malware-persistence
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
malware malware-analysis malware-detection malware-persistence persistence threat-hunting threat-intelligence
Last synced: 28 Oct 2024
https://github.com/duggytuxy/malicious_ip_addresses
Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space
botnets cyber-threat-intelligence cybersecurity ddos ipaddresses ipv4 malicious malware zombies
Last synced: 01 Nov 2024
https://github.com/NVISOsecurity/binsnitch
Detect silent (unwanted) changes to files on your system
infosec integrity-monitoring malware malware-analysis
Last synced: 09 Nov 2024
https://github.com/GlacierW/MBA
Malware Behavior Analyzer
dynamic-binary-analysis forensics malware program-analysis qemu sandbox taint-analysis virtual-machine-introspection
Last synced: 13 Nov 2024
https://github.com/brosck/reaper
「💀」Proof of concept on BYOVD attack
byovd development hacking malware offensivesecurity redteam security windows
Last synced: 23 Jan 2025
https://github.com/PI-Defender/pi-defender
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows
Last synced: 09 Nov 2024
https://github.com/moistcoder/cockygrabber
C# library for the collection of browser information such as cookies, logins, bookmarks and more
bookmark browser c c-sharp chromium cookie csharp csharp-code csharp-library download grabber history lib library login malware net netframework password stealer
Last synced: 12 Oct 2024
https://github.com/pelock/simple-polymorphic-engine-spe32
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
assembler decryption encryption junk-instructions malware malware-analysis masm masm32 polymorphic-engine polymorphic-engines reverse-engineering shellcode virus win32asm
Last synced: 24 Jan 2025
https://github.com/santosomar/who_and_what_to_follow
Who and what to follow in the world of cyber security
cyber-security cybersecurity incident-response malware network news security
Last synced: 18 Nov 2024
https://github.com/eset/stadeo
Control-flow-flattening and string deobfuscator
control-flow deobfuscation deobfuscator emotet ida ida-pro idapython malware miasm python reverse-engineering stantinko strings
Last synced: 09 Nov 2024
https://github.com/jpcertcc/malconfscan-with-cuckoo
Cuckoo Sandbox plugin for extracting configuration data of known malware
cuckoo-sandbox malware memory python security volatility
Last synced: 05 Nov 2024
https://github.com/egebalci/cminer
Cminer is a tool for enumerating the code caves in PE files.
Last synced: 18 Nov 2024
https://github.com/NuclearPhoenixx/fake-sandbox
👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
antivirus fake malware powershell process sandbox spyware tool windows windows-10
Last synced: 02 Jan 2025
https://github.com/mrexodia/lolbin-poc
Small PoC of using a Microsoft signed executable as a lolbin.
edr-bypass malware poc redteam redteam-tools redteaming windbg windbg-extension
Last synced: 27 Oct 2024
https://github.com/testingpens/malwarepersistencescripts
A collection of scripts I've written to help red and blue teams with malware persistence techniques.
blueteam living-off-the-land malware persistence powershell redteam
Last synced: 18 Nov 2024
https://github.com/hasherezade/antianalysis_demos
Set of antianalysis techniques found in malware
antidebug malware malware-evasion
Last synced: 29 Oct 2024
https://github.com/r3li4nt/articulos
Articles related to cybersecurity and hacking.
android auditorias ciberseguridad cracking criptografia esteganografia exploit hacking linux malware mitm pentesting programacion redes seguridad tools vulnerabilidades web windows wireless
Last synced: 20 Jan 2025
https://github.com/peterdavehello/url-shorteners
A comprehensive, high-quality URL shorteners domain list for whitelist/allowlist or blacklist/blocklist purposes, utilized by NextDNS, ControlD, RethinkDNS, dnslow.me, and other OSINT projects.
adguard-blocklist allowlist blacklist blocking blocklist cyber-security dns dnsbl domain hacktoberfest hosts malware osint phishing pihole privacy security threat-intelligence url-shortener whitelist
Last synced: 26 Jan 2025
https://github.com/panagiotisdrakatos/javaransomware
Simple Ransomware Tool in Pure Java
educational-software encryption-decryption malware ransomware security virus
Last synced: 16 Dec 2024
https://github.com/ivan-sincek/php-ransomware
PHP ransomware that encrypts your files, as well as file and directory names.
defensive-security ethical-hacking malware offensive-security openssl php ransomware reverse-engineering security
Last synced: 01 Nov 2024
https://github.com/FZGbzuw412/Python-RAT
Remote Administration tool for Windows Systems written in pure Python
client-server client-side hacking hacking-tools malware python python-script python3 rat remote-admin-tool remote-config remote-control remote-desktop remote-execution remote-shell reverse-shell server server-side
Last synced: 20 Nov 2024
https://github.com/PanagiotisDrakatos/JavaRansomware
Simple Ransomware Tool in Pure Java
educational-software encryption-decryption malware ransomware security virus
Last synced: 21 Nov 2024
https://github.com/h3xduck/umbra
An LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malware and more.
backdoor kernel kernel-module linux-kernel linux-kernel-module malware ransomware rootkit
Last synced: 26 Nov 2024
https://github.com/telekom-security/malware_analysis
This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
cti malware malware-analysis malware-research reverse-engineering
Last synced: 07 Nov 2024
https://github.com/mav8557/father
LD_PRELOAD rootkit
backdoor c ld-preload linux malware redteam rootkit security
Last synced: 11 Dec 2024
https://github.com/droppers/singlefileextractor
A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a directory, suitable for purposes like malware analysis.
dotnet malware malware-analysis reverse-engineering tooling
Last synced: 22 Jan 2025
https://github.com/mitchellkrogza/badd-boyz-hosts
A hosts file for use on any operating system to block bad domains out of your servers or devices.
adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows
Last synced: 20 Jan 2025
https://github.com/mitchellkrogza/Badd-Boyz-Hosts
A hosts file for use on any operating system to block bad domains out of your servers or devices.
adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows
Last synced: 21 Nov 2024
https://github.com/tigthor/nsa-cia-blocklist
This is the github repository for all NSA and CIA spying servers, including those revealed by Edward Snowden and other studies we conducted on the whole world's servers, enumerating those that spy on individuals and sell data to the NSA and CIA.
cia fbi gaza hacking hosts malware nsa osint security snowden tor ukraine usa
Last synced: 22 Jan 2025
https://github.com/nullarray/archivist
A ctypes powered python keylogger.
keylogger malware python security
Last synced: 14 Oct 2024
https://github.com/csvl/SEMA
SEMA is based on angr, a symbolic execution engine used to extract API calls. Especially, we extend ANGR with strategies to create representative signatures based on System Call Dependency graph (SCDG). Those SCDGs can be exploited in machine learning modules to do classification/detection.
angr binary-analysis classification concolic-execution ctf cybersecurity detection linux malware malware-analysis malware-detection malware-research python reverse reverse-engineering sema static-analysis symbolic symbolic-execution windows
Last synced: 18 Jan 2025
https://github.com/phylum-dev/cli
Command line interface for the Phylum API
cli malware malware-detection rust secure-software-supply-chain security security-scan software-supply-chain software-supply-chain-security supply-chain vulnerabilities
Last synced: 21 Jan 2025
https://github.com/vatshayan/malware-detection-final-year-project
Final Year Malware Detection Project with PPT, Research Paper, code and Synopsis. Malware detection project by Machine Learning Algorithms.
btech btechfinalyear cryptographyproject cybersecurity datasets final-project final-year-project machine machine-learning machinelearningprojects malware malware-analysis malware-detection malware-project malware-research malwaredetection malwareproject projects sem8 semproject
Last synced: 28 Oct 2024
https://github.com/user1342/DroidDetective
A machine learning malware analysis framework for Android apps.
androguard android android-application artificial-intelligence machine-learning malware malware-analysis malware-detection python random-forest reverse-engineering
Last synced: 31 Oct 2024
https://github.com/reveng007/checkhooks-n-load
A Windows stager-cum-PELoader focusing on Dynamic EDR Evasion, as well as FUD till now (03/03/23), when Operator wants to Know the Underlying functions Hooks and then craft Implant based on the previous condition.
av evasion implant loader malware redteam stager windows
Last synced: 12 Nov 2024
https://github.com/chainski/forceadmin
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
autoit3 autoit3-script batchfile blueteam-tools exploit forceadmin hacking hta malware payload pentesting post-exploitation powershell powershell-payload privilege-escalation redteam-tools uac windows windows-exploitation
Last synced: 21 Jan 2025
https://github.com/mypdns/matrix
My Privacy DNS #Matrix lists for blacklisting
anti-malware antimalware dns-record information-security malware malware-protection network-security phishing-protection privacy privacy-by-design privacy-online privacy-preserving privacy-protection privacy-tools response-policy-zone rpz safe-browsing safebrowsing security-hardening security-tools
Last synced: 22 Jan 2025
https://github.com/fr0gger/unprotect
Unprotect is a Python tool for parsing PE malware and extracting evasion techniques.
anti-debug evasion malware packer python sandbox
Last synced: 19 Nov 2024
https://github.com/CosmodiumCS/MalwareDNA
This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
hak5 malware malware-analysis malware-development
Last synced: 31 Dec 2024
https://github.com/0x48piraj/incarcero
Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malware analysis without any user interaction.
malware malware-analysis malware-detection malware-research malware-samples research security
Last synced: 06 Jan 2025
https://github.com/Chainski/ForceAdmin
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
autoit3 autoit3-script batchfile blueteam-tools exploit forceadmin hacking hta malware payload pentesting post-exploitation powershell powershell-payload privilege-escalation redteam-tools uac windows windows-exploitation
Last synced: 13 Nov 2024
https://github.com/hackerxphantom/xransom
Create ransomware with termux no root
android android-ransomware hacker-xphantom hackerxphantom hacking-tool malware python3 ransomware ransomware-builder shell termux-hacking termux-tool trojan virus wannacry xransom xransom-github
Last synced: 24 Jan 2025
https://github.com/reveng007/reflectiventdll
A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFunction033 NtApi and No new thread via Fiber
antivirus bypass bypass-antivirus dropper edr evasion fiber implant malware ntdll-unhooking process-injection systemfunction033
Last synced: 12 Nov 2024
https://github.com/openclarity/vmclarity
VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities
agentless cloud exploits leaked-secrets malware misconfigurations rootkits sbom secrets-detection security vulnerabilities vulnerability-scanners
Last synced: 22 Jan 2025