Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Malware
Malware can take various forms, including viruses, worms, Trojans, ransomware, spyware, and more. Its primary goal is to compromise the integrity, confidentiality, or availability of information, often for financial gain, espionage, or other malicious purposes.
- GitHub: https://github.com/topics/malware
- Wikipedia: https://en.wikipedia.org/wiki/Malware
- Related Topics: virus, security, malware-analysis, cyber-attack, cyber-security, system-tracking, system-monitoring
- Aliases: computer-malware
- Last updated: 2024-07-29 13:47:54 UTC
https://github.com/droidefense/engine
Droidefense: Advance Android Malware Analysis Framework
android dalvik droidefense dynamic-analysis dynamic-code-analysis engine engineer malware malware-analysis opcodes ransomware reverse security static-analysis static-code-analysis trojan
Last synced: 10 Aug 2024
https://github.com/chenerlich/FCL
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
command-line fcl file-less incident-response malware malware-analysis malware-detection threat-hunting
Last synced: 01 Aug 2024
https://github.com/jpcertcc/aa-tools
Artifact analysis tools by JPCERT/CC Analysis Center
Last synced: 03 Aug 2024
https://github.com/diogo-fernan/ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
bash batch cybersecurity dfir forensics incident-response malware nirsoft sysinternals unix windows
Last synced: 01 Aug 2024
https://github.com/pylyf/NetWorm
Python network worm that spreads on the local network and gives the attacker control of these machines.
attacker-control backdoor bruteforcing-local-machines hacking hacking-code machine malware pentesting pentesting-windows python python-network-worm python-virus rat spread trojan worm
Last synced: 02 Aug 2024
https://github.com/eschultze/urlextractor
Information gathering & website reconnaissance | https://phishstats.info/
abuse domain incident-response information-extraction information-gathering malicious-domains malware osint phishing shodan virustotal whois
Last synced: 01 Aug 2024
https://github.com/eschultze/URLextractor
Information gathering & website reconnaissance | https://phishstats.info/
abuse domain incident-response information-extraction information-gathering malicious-domains malware osint phishing shodan virustotal whois
Last synced: 09 Aug 2024
https://github.com/machine1337/gmailc2
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions
c2server evasion fud-rat googlec2 hacking linux-exploits malware network-analysis penetration-testing rat redteaming smtprat windows-exploitation
Last synced: 01 Aug 2024
https://github.com/mandiant/FIDL
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
api decompiler ida malware research reversing vulnerability
Last synced: 30 Jul 2024
https://github.com/phpMussel/phpMussel
PHP-based anti-virus anti-trojan anti-malware solution.
anti-malware anti-spam anti-trojan anti-virus antivirus clamav file-upload hacktoberfest malware php phpmussel protection security signatures upload uploads viruses websites
Last synced: 31 Jul 2024
https://github.com/CERT-Polska/mquery
YARA malware query accelerator (web frontend)
database malware security-automation security-tools yara
Last synced: 02 Aug 2024
https://github.com/SitinCloud/Owlyshield
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
antivirus behavior-analysis command-and-control cybersecurity edr exfiltration impact machine-learning malware malware-analysis malware-research ransomware threat-hunting
Last synced: 06 Aug 2024
https://github.com/CheckPointSW/Evasions
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
anti-analysis anti-emulation anti-sandbox anti-vm evasions malware sandbox-evasion vm-detect
Last synced: 30 Jul 2024
https://github.com/diogo-fernan/malsub
A Python RESTful API framework for online malware analysis and threat intelligence services.
api-client cybersecurity malware malware-analysis python restful restful-client virustotal
Last synced: 01 Aug 2024
https://github.com/volatilityfoundation/community
Volatility plugins developed and maintained by the community
malware python volatility-framework volatility-plugins
Last synced: 01 Aug 2024
https://github.com/ionescu007/Simpleator
Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
containerization containers emulator hyper-v malware malware-analysis operating-systems reverse-engineering security virtualization
Last synced: 01 Aug 2024
https://github.com/maravento/blackweb
Domains Blacklist for Squid-Cache
adware blacklist blocker-proxy blocklist blocklists drugs malware porn ransomware spyware squid warez
Last synced: 20 Aug 2024
https://github.com/owasp-dep-scan/blint
BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generator for binaries.
binary cyclonedx depscan fuzzing malware sbom supply-chain-analytics supply-chain-security
Last synced: 03 Aug 2024
https://github.com/secrary/InfectPE
InfectPE - Inject custom code into PE file [This project is not maintained anymore]
c-plus-plus malware reverse-engineering
Last synced: 04 Aug 2024
https://github.com/ivan-sincek/invoker
Penetration testing utility and antivirus assessment tool.
access-token bytecode-injection c-plus-plus dll-injection dump-memory ethical-hacking hook-procedure malware offensive-security penetration-testing process-ghosting process-hollowing red-team-engagement reverse-tcp security sticky-keys system-calls task-scheduler windows windows-penetration-testing
Last synced: 01 Aug 2024
https://github.com/nikolaischunk/discord-phishing-links
An actively maintained JSON & txt List containing 22'000+ malicious Domains which are used for phishing on Discord.
discord discord-scams links list malicious-domains malware nitro-scam phishing-detection phishing-links pishing pishing-links-detection scam scam-sites scamblock scammers-database steam steam-scams suspicious tokengrabber
Last synced: 01 Aug 2024
https://github.com/phype/telnet-iot-honeypot
Python telnet honeypot for catching botnet binaries
botnet honeypot malware telnet-server
Last synced: 03 Aug 2024
https://github.com/0x0be/PEpper
An open source script to perform malware static analysis on Portable Executable
malware malware-analysis python3 static-analysis
Last synced: 01 Aug 2024
https://github.com/ScriptTiger/Unified-Hosts-AutoUpdate
Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.
ad-blocker autoupdate autoupdate-script blacklist easy gambling-filter hosts install installer malware microsoft porn-filter scheduling social-media-filter unified-hosts uninstaller unsintall updater updater-script windows
Last synced: 02 Aug 2024
https://github.com/KCarretto/paragon
Red Team engagement platform with the goal of unifying offensive tools behind a simple UI
api botnet command-and-control cross-platform dsl framework frontend golang graphql implants knowledge-graph malware malware-development offensive redteam scripting-language starlark threat-emulation toolkit
Last synced: 04 Aug 2024
https://github.com/santoru/filewatcher
A simple auditing utility for macOS
auditing filesystem macos malware monitoring security-audit
Last synced: 01 Aug 2024
https://github.com/mitchellkrogza/the-big-list-of-hacked-malware-web-sites
This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
browsers click-jacking click-redirecting clickjacking cyber-security cybersecurity hacked malware petya porn ransomware technical-support trojans viruses wannacry website wordpress wordpress-site
Last synced: 03 Aug 2024
https://github.com/petercunha/GoAT
:goat: GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
decentralized golang hacking malware trojan
Last synced: 03 Aug 2024
https://github.com/A3sal0n/FalconGate
A smart gateway to stop cyber criminals - Sponsored by Falcon Guard
cybersecurity firewall malware security-tools
Last synced: 04 Aug 2024
https://github.com/sapphirex00/Threat-Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
collection malware malware-analysis malware-detection malware-research threat-hunting threat-intelligence threat-modeling threat-sharing yara-rules
Last synced: 01 Aug 2024
https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites
This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
browsers click-jacking click-redirecting clickjacking cyber-security cybersecurity hacked malware petya porn ransomware technical-support trojans viruses wannacry website wordpress wordpress-site
Last synced: 01 Aug 2024
https://github.com/ThreatLabz/ransomware_notes
An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz
akira alphv blackbasta blackbyte blackcat blacksuit cactus clop hive karakurt lockbit mallox malware malware-research medusa notes qilin ransom ransomware revil
Last synced: 01 Aug 2024
https://github.com/EvilBytecode/GoDefender
Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
anti-cracking anti-debug anti-vm debugger debugging malware protection reverse-engineering
Last synced: 01 Aug 2024
https://github.com/MDudek-ICS/TRISIS-TRITON-HATMAN
Repository containing original and decompiled files of TRISIS/TRITON/HATMAN malware
ics ics-security malware python scada scada-security
Last synced: 04 Aug 2024
https://github.com/GetRektBoy724/MeterPwrShell
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
amsi av-evasion bypass bypass-amsi bypass-antivirus bypass-firewall bypass-uac fud malware metasploit metasploit-framework meterpreter one-liner payload stager windows
Last synced: 04 Aug 2024
https://github.com/gleeda/memtriage
Allows you to quickly query a Windows machine for RAM artifacts
live-analysis malware memory memory-analysis memory-forensics ram volatility windows-machine winpmem
Last synced: 01 Aug 2024
https://github.com/AdroitAdorKhan/EnergizedProtection
A merged collection of hosts from reputable sources. #StayEnergized!
ad-block ad-blocker adblock malware porn spam
Last synced: 03 Aug 2024
https://github.com/prodaft/malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations.
apt cybersecurity ioc malware malware-detection malware-research ransomware threat-hunting threat-intelligence threatintel threatintelligence ttp
Last synced: 01 Aug 2024
https://github.com/evilsocket/sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
malware scanner signature signatures virus yara
Last synced: 17 Aug 2024
https://github.com/DevSpen/scam-links
Collection of phishing and malicious links that focuses on Steam and Discord scams.
discord discord-scams hacktoberfest links list malicious-domains malware nitro-scam phishing-detection phishing-links phishing-links-detection scam-api scam-links scam-sites scammer scammers scams steam steam-scams
Last synced: 01 Aug 2024
https://github.com/mpast/mobileAudit
Django application that performs SAST and Malware Analysis for Android APKs
androguard android-security apk apk-analysis code-security defect-dojo django django-rest-framework docker malware malware-analysis mobile-audit mobile-security sast virustotal
Last synced: 01 Aug 2024
https://github.com/CheckPointSW/showstopper
ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.
Last synced: 04 Aug 2024
https://github.com/0xDanielLopez/phishing_kits
Exposing phishing kits seen from phishunt.io
malware osint phishing phishing-attacks phishing-detection phishing-kit phishing-sites scam scam-sites
Last synced: 04 Aug 2024
https://github.com/duggytuxy/malicious_ip_addresses
Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space
botnets cyber-threat-intelligence cybersecurity ddos ipaddresses ipv4 malicious malware zombies
Last synced: 01 Aug 2024
https://github.com/henriksb/extensionspoofer
Spoof file icons and extensions in Windows
extension-spoof file-spoof filespoof hack hacking malware spoof spoofing trojan virus
Last synced: 04 Aug 2024
https://github.com/NVISOsecurity/binsnitch
Detect silent (unwanted) changes to files on your system
infosec integrity-monitoring malware malware-analysis
Last synced: 02 Aug 2024
https://github.com/GlacierW/MBA
Malware Behavior Analyzer
dynamic-binary-analysis forensics malware program-analysis qemu sandbox taint-analysis virtual-machine-introspection
Last synced: 02 Aug 2024
https://github.com/Karneades/malware-persistence
Collection of malware persistence and hunting information. Be a persistent persistence hunter!
malware malware-analysis malware-detection malware-persistence persistence threat-hunting threat-intelligence
Last synced: 31 Jul 2024
https://github.com/PI-Defender/pi-defender
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows
Last synced: 02 Aug 2024
https://github.com/NuclearPhoenixx/fake-sandbox
👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
antivirus fake malware powershell process sandbox spyware tool windows windows-10
Last synced: 10 Sep 2024
https://github.com/santosomar/who_and_what_to_follow
Who and what to follow in the world of cyber security
cyber-security cybersecurity incident-response malware network news security
Last synced: 03 Aug 2024
https://github.com/testingpens/malwarepersistencescripts
A collection of scripts I've written to help red and blue teams with malware persistence techniques.
blueteam living-off-the-land malware persistence powershell redteam
Last synced: 03 Aug 2024
https://github.com/PanagiotisDrakatos/JavaRansomware
Simple Ransomware Tool in Pure Java
educational-software encryption-decryption malware ransomware security virus
Last synced: 04 Aug 2024
https://github.com/telekom-security/malware_analysis
This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
cti malware malware-analysis malware-research reverse-engineering
Last synced: 02 Aug 2024
https://github.com/mitchellkrogza/Badd-Boyz-Hosts
A hosts file for use on any operating system to block bad domains out of your servers or devices.
adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows
Last synced: 04 Aug 2024
https://github.com/FZGbzuw412/Python-RAT
Remote Administration tool for Windows Systems written in pure Python
client-server client-side hacking hacking-tools malware python python-script python3 rat remote-admin-tool remote-config remote-control remote-desktop remote-execution remote-shell reverse-shell server server-side
Last synced: 04 Aug 2024
https://github.com/user1342/DroidDetective
A machine learning malware analysis framework for Android apps.
androguard android android-application artificial-intelligence machine-learning malware malware-analysis malware-detection python random-forest reverse-engineering
Last synced: 31 Jul 2024
https://github.com/CosmodiumCS/MalwareDNA
This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D
hak5 malware malware-analysis malware-development
Last synced: 07 Sep 2024
https://github.com/ZeroMemoryEx/U-Boat
Russian Wipers Dropper (educational-purposes)
dropper malware malware-development malware-research malware-sample process-injection win32api wiper
Last synced: 04 Aug 2024
https://github.com/alichtman/malware-techniques
A collection of techniques commonly used in malware to accomplish core tasks.
linux macos malware malware-analysis malware-development malware-research reverse-engineering
Last synced: 02 Aug 2024
https://github.com/Chainski/ForceAdmin
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
autoit3 autoit3-script batchfile blueteam-tools exploit forceadmin hacking malware payload pentesting post-exploitation powershell powershell-payload privilege-escalation redteam-tools uac windows windows-exploitation
Last synced: 02 Aug 2024
https://github.com/mueller-ma/block-ads-via-dns
Block ads and malware via local DNS server
debian-server dns-server malware
Last synced: 02 Aug 2024
https://github.com/ivan-sincek/keylogger
Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).
bug-bounty c-plus-plus ethical-hacking keyboard-hook-procedure keylogger malware offensive-security red-team-engagement reverse-engineering security windows
Last synced: 04 Aug 2024
https://github.com/Raspirus/Raspirus
A user- and resources-friendly signatures-based malware scanner
malware nextjs rust tauri virus-scanning
Last synced: 02 Aug 2024
https://github.com/hackthedev/teardrop
Open-Source Ransomware Project for learning purposes only, written in C# (csharp). Don't use it for bad things.
csharp educational educational-project encryption executeable gpl3 gplv3 leaning learning-by-doing malicious malware ransomware virus windows
Last synced: 04 Aug 2024
https://github.com/exbotanical/brutus
extensible exploitation framework shipped on a modular and multi-tasking architecture
arp-spoofing botnet concurrency ethical-hacking exploitation-framework hacking-tool malware mitm-attacks modular-architecture parallelism penetration-testing remote-admin-tool threading trojan
Last synced: 04 Aug 2024
https://github.com/albertzsigovits/malware-tools
A curated list of malware repositories, trackers and malware analysis tools
malware malware-analysis malware-research malware-tools malwareanalysis reverse-engineering
Last synced: 03 Aug 2024
https://github.com/deadbits/malware-analysis-scripts
Collection of scripts for different malware analysis tasks
malware malware-analysis malware-research reverse-engineering
Last synced: 03 Aug 2024
https://github.com/tasket/Qubes-VM-hardening
Fend off malware at Qubes VM startup
hardening hashing malware qubes qubes-os rootkit templates vm-startup vms
Last synced: 01 Aug 2024
https://github.com/WurstCommander/Win10AppRemove
A Powershell-Script for removing / debloating Windows 10 apps. Mandatory apps which can't be uninstalled via start menu will be removed too.
appstore appxpackages bloatware debloat debloater explorer folders libraries malware microsoft powershell-script preinstalled regedit remove remover win10 windows windows10 windowsapp windowsstore
Last synced: 13 Aug 2024
https://github.com/Levi2288/AdvancedBlockList
Block list for PI hole
adblock adblock-list domain-list hostfile hostfile-blocklist malware malware-list pihole pihole-adblocker-list pihole-blocklists pihole-updated pihole-whitelist pihole-youtube-ads piholeblocklist privacy
Last synced: 05 Aug 2024
https://github.com/imp0rtp3/Yobi
Yara Based Detection Engine for web browsers
add-on antivirus dfir firefox javascript malware scanner yara
Last synced: 02 Aug 2024
https://github.com/mucoze/Umay
IoT Malware Similarity Analysis Platform
django infosec iot malware malware-analysis reverse-engineering static-analysis
Last synced: 04 Aug 2024
https://github.com/scrapbird/sarlacc
SMTP server / sinkhole for collecting spam
malware sinkhole smtp-server spam
Last synced: 03 Aug 2024
https://github.com/PL-V/Firefox-WebInject
Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
hacking-tool hooking malware malware-development red-teaming
Last synced: 01 Aug 2024
https://github.com/lucadivit/pcap_features_extraction
This program allows you to extract some features from pcap files.
attacker csv feature-extraction features legitimate-pcap malware malware-analysis packet-analyser packet-filter pca-analysis pcap
Last synced: 03 Aug 2024
https://github.com/aress31/sci
Framework designed to automate the process of assembly code injection (trojanising) within Android applications.
android assembly code-injection framework malware mobile-security pentesting python reverse-engineering smali spyware trojan
Last synced: 04 Aug 2024
https://github.com/GDATASoftwareAG/vaas
Verdict-as-a-Service SDKs: Analyze files for malicious content
it-security malware malware-analysis malware-detection security
Last synced: 04 Aug 2024
https://github.com/0xN3utr0n/Kanis
Advanced threat detection solution for Linux.
antivirus container-security containers docker endpoint-security ids linux malware rootkit threat-detection yara yara-scanner
Last synced: 01 Aug 2024
https://github.com/abathelt/Resources
Learning resources, blogs, news, SQL, PowerShell, SQL, Linux, Reverse Engineering, Malware
Last synced: 13 Aug 2024
https://github.com/loneicewolf/LOJAX
LOJAX ROOTKIT (UEFI) +PDF Included[x]
bootkit lojax malware rootkit uefi uefi-rootkit
Last synced: 04 Aug 2024
https://github.com/fr0gger/Yara-Unprotect
This repository regroups the Yara Rules for the Unprotect Project
Last synced: 02 Aug 2024
https://github.com/hjunker/ProcessBouncer
ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning, it can effectively block most of the current ransomware that is out there.
administrator malware powershell-script protection ransomware
Last synced: 13 Aug 2024
https://github.com/shivam0110/Ethical-Hacking
Codes for malware, viruses and key-logger and other tools
c codes cpp cybersecurity ethical-hacking keylogger malware malware-folder open-source pentesting pentesting-tools pentesting-windows viruses vpn windows
Last synced: 29 Jul 2024
https://github.com/IQTLabs/AuraBorealisApp
Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
flask malware pypi registry security security-audit security-tools static-analysis static-code-analysis
Last synced: 04 Aug 2024
https://github.com/alphaSeclab/malware-ioc-hash
Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.
indicators-of-compromise malware malware-ioc
Last synced: 04 Aug 2024
https://github.com/MonaxGT/gomalshare
Go library MalShare API
cybersecurity go golang hash hashing malware threat threat-intelligence
Last synced: 30 Jul 2024
https://github.com/JMousqueton/Badware
Ransomware for demonstration
csirt demo malware powershell ransomware redteam
Last synced: 04 Aug 2024
https://github.com/gexos/malrepo
A collection of malware samples caught by DIONAEA Honeypot
malware malware-analysis malware-research malware-samples
Last synced: 03 Aug 2024
https://github.com/Ruturaj4/Mobile-Security-Paper_summaries
Paper summaries of some of the most important Mobile Security Papers 📃
adsdk android android-permissions android-sdk ios malware mobile-app mobile-security ransomware research-paper-explanation research-paper-summaries
Last synced: 04 Aug 2024
https://github.com/Timeless-zfqi/AS-DMF-framework
AS-DMF framework guide
encrypted-traffic-analysis feature-reduction feature-selection lightweight malware python3 stacking-classifier tls wireshark zat zeek
Last synced: 29 Jul 2024