Malware | Ecosyste.ms: Awesome

https://github.com/mpast/mobileAudit

Django application that performs SAST and Malware Analysis for Android APKs

androguard android-security apk apk-analysis code-security defect-dojo django django-rest-framework docker malware malware-analysis mobile-audit mobile-security sast virustotal

Last synced: 02 Nov 2024

https://github.com/CheckPointSW/showstopper

ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solutions that clash with standard anti-debug methods.

anti-debug malware research

Last synced: 04 Aug 2024

https://github.com/0xDanielLopez/phishing_kits

Exposing phishing kits seen from phishunt.io

malware osint phishing phishing-attacks phishing-detection phishing-kit phishing-sites scam scam-sites

Last synced: 04 Aug 2024

https://github.com/nyan-x-cat/lime-miner

a simple hidden silent XMR miner.

cpu hidden malware miner mining monero xmr

Last synced: 26 Sep 2024

https://github.com/anteater/anteater

Anteater - CI/CD Gate Check Framework

anteater circleci developer-tools development-enviroment devops devops-tools devsecops gate jenkins-pipeline malware regexp scanning security-audit travis-ci virus-total

Last synced: 29 Sep 2024

https://github.com/evilsocket/ergo-pe-av

🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.

antivirus api ergo gpu keras machine-learning malware

Last synced: 28 Oct 2024

https://github.com/grazfather/practicalmalwarelabs

Keep track of the labs from the book "Practical Malware Analysis"

malware practical-malware-analysis reverse-engineering writeup

Last synced: 27 Oct 2024

https://github.com/P4T12ICK/ypsilon

Automated Use Case Testing

ansible cuckoo elk malware security siem splunk use-case

Last synced: 03 Aug 2024

https://github.com/cocomelonc/meow

Cybersecurity research results. Simple C/C++ and Python implementations

cryptography cybersecurity hacking malware malware-analysis malware-research mathematics maths research

Last synced: 09 Nov 2024

https://github.com/p4t12ick/ypsilon

Automated Use Case Testing

ansible cuckoo elk malware security siem splunk use-case

Last synced: 31 Oct 2024

https://github.com/Karneades/malware-persistence

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

malware malware-analysis malware-detection malware-persistence persistence threat-hunting threat-intelligence

Last synced: 28 Oct 2024

https://github.com/duggytuxy/malicious_ip_addresses

Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space

botnets cyber-threat-intelligence cybersecurity ddos ipaddresses ipv4 malicious malware zombies

Last synced: 01 Nov 2024

https://github.com/henriksb/extensionspoofer

Spoof file icons and extensions in Windows

extension-spoof file-spoof filespoof hack hacking malware spoof spoofing trojan virus

Last synced: 04 Aug 2024

https://github.com/NVISOsecurity/binsnitch

Detect silent (unwanted) changes to files on your system

infosec integrity-monitoring malware malware-analysis

Last synced: 09 Nov 2024

https://github.com/nazywam/autoit-ripper

Extract AutoIt scripts embedded in PE binaries

autoit extraction malware

Last synced: 06 Nov 2024

https://github.com/GlacierW/MBA

Malware Behavior Analyzer

dynamic-binary-analysis forensics malware program-analysis qemu sandbox taint-analysis virtual-machine-introspection

Last synced: 02 Aug 2024

https://github.com/nyan-x-cat/limeusb-csharp

Malware USB Spread | Example C#

backdoor badusb malware spread spreading usb

Last synced: 08 Nov 2024

https://github.com/PI-Defender/pi-defender

Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.

anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows

Last synced: 09 Nov 2024

https://github.com/moistcoder/cockygrabber

C# library for the collection of browser information such as cookies, logins, bookmarks and more

bookmark browser c c-sharp chromium cookie csharp csharp-code csharp-library download grabber history lib library login malware net netframework password stealer

Last synced: 12 Oct 2024

https://github.com/eset/stadeo

Control-flow-flattening and string deobfuscator

control-flow deobfuscation deobfuscator emotet ida ida-pro idapython malware miasm python reverse-engineering stantinko strings

Last synced: 09 Nov 2024

https://github.com/jpcertcc/malconfscan-with-cuckoo

Cuckoo Sandbox plugin for extracts configuration data of known malware

cuckoo-sandbox malware memory python security volatility

Last synced: 05 Nov 2024

https://github.com/NuclearPhoenixx/fake-sandbox

👁‍🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.

antivirus fake malware powershell process sandbox spyware tool windows windows-10

Last synced: 10 Sep 2024

https://github.com/mrexodia/lolbin-poc

Small PoC of using a Microsoft signed executable as a lolbin.

edr-bypass malware poc redteam redteam-tools redteaming windbg windbg-extension

Last synced: 27 Oct 2024

https://github.com/santosomar/who_and_what_to_follow

Who and what to follow in the world of cyber security

cyber-security cybersecurity incident-response malware network news security

Last synced: 03 Aug 2024

https://github.com/pelock/simple-polymorphic-engine-spe32

Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.

assembler decryption encryption junk-instructions malware malware-analysis masm masm32 polymorphic-engine polymorphic-engines reverse-engineering shellcode virus win32asm

Last synced: 12 Oct 2024

https://github.com/testingpens/malwarepersistencescripts

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

blueteam living-off-the-land malware persistence powershell redteam

Last synced: 03 Aug 2024

https://github.com/hasherezade/antianalysis_demos

Set of antianalysis techniques found in malware

antidebug malware malware-evasion

Last synced: 29 Oct 2024

https://github.com/nyan-x-cat/lime-downloader

Simple Malware Downloader

downloader loader malware

Last synced: 08 Nov 2024

https://github.com/ivan-sincek/php-ransomware

PHP ransomware that encrypts your files, as well as file and directory names.

defensive-security ethical-hacking malware offensive-security openssl php ransomware reverse-engineering security

Last synced: 01 Nov 2024

https://github.com/guitmz/Fe2O3

Simple prepender virus written in Rust

elf linux malware rust virus

Last synced: 03 Nov 2024

https://github.com/telekom-security/malware_analysis

This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.

cti malware malware-analysis malware-research reverse-engineering

Last synced: 07 Nov 2024

https://github.com/PanagiotisDrakatos/JavaRansomware

Simple Ransomware Tool in Pure Java

educational-software encryption-decryption malware ransomware security virus

Last synced: 04 Aug 2024

https://github.com/guitmz/fe2o3

Simple prepender virus written in Rust

elf linux malware rust virus

Last synced: 09 Nov 2024

https://github.com/peterdavehello/url-shorteners

A comprehensive, high-quality URL shorteners domain list for whitelist/allowlist or blacklist/blocklist purposes, utilized by NextDNS, ControlD, RethinkDNS, dnslow.me, and other OSINT projects.

adguard-blocklist allowlist blacklist blocking blocklist cyber-security dns dnsbl domain hacktoberfest hosts malware osint phishing pihole privacy security threat-intelligence url-shortener whitelist

Last synced: 17 Oct 2024

https://github.com/mitchellkrogza/badd-boyz-hosts

A hosts file for use on any operating system to block bad domains out of your servers or devices.

adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows

Last synced: 27 Oct 2024

https://github.com/nullarray/archivist

A ctypes powered python keylogger.

keylogger malware python security

Last synced: 14 Oct 2024

https://github.com/mitchellkrogza/Badd-Boyz-Hosts

A hosts file for use on any operating system to block bad domains out of your servers or devices.

adware android blocker clickjacking gambling-filter hosts hostsfile linux malware porn-filter ransomware windows

Last synced: 04 Aug 2024

https://github.com/FZGbzuw412/Python-RAT

Remote Administration tool for Windows Systems written in pure Python

client-server client-side hacking hacking-tools malware python python-script python3 rat remote-admin-tool remote-config remote-control remote-desktop remote-execution remote-shell reverse-shell server server-side

Last synced: 04 Aug 2024

https://github.com/user1342/DroidDetective

A machine learning malware analysis framework for Android apps.

androguard android android-application artificial-intelligence machine-learning malware malware-analysis malware-detection python random-forest reverse-engineering

Last synced: 31 Oct 2024

https://github.com/vatshayan/malware-detection-final-year-project

Final Year Malware Detection Project with PPT, Research Paper, code and Synopsis. Malware detection project by Machine Learning ALgorithms.

btech btechfinalyear cryptographyproject cybersecurity datasets final-project final-year-project machine machine-learning machinelearningprojects malware malware-analysis malware-detection malware-project malware-research malwaredetection malwareproject projects sem8 semproject

Last synced: 28 Oct 2024

https://github.com/brakmic/sinkholes

:bug: Malware Sinkhole List in various formats

csv infosec malware sinkhole xlsx

Last synced: 08 Nov 2024

https://github.com/err0r-ica/viridae

Virus - Trojans - Worms - Malwares

hacking hacking-tool hacking-tools kali kali-linux kali-scripts linux malware malware-analysis termux termux-hacking termux-tool termux-tools tool tools trojan trojan-rat virus worm worms

Last synced: 09 Nov 2024

https://github.com/CosmodiumCS/MalwareDNA

This repository contains various snippets I use in my malware, command and control servers, payloads, and much more. Hopefully it can help you out in building your own malware and payloads :D

hak5 malware malware-analysis malware-development

Last synced: 07 Sep 2024

https://github.com/0x48piraj/incarcero

Incarcero is a tool that creates Virtual Machines (VMs) preconfigured with malware analysis tools and security settings tailored for malware analysis without any user interaction.

malware malware-analysis malware-detection malware-research malware-samples research security

Last synced: 10 Nov 2024

https://github.com/jpcertcc/impfuzzy

Fuzzy Hash calculated from import API of PE files

clustering impfuzzy malware neo4j python security volatility

Last synced: 05 Nov 2024

https://github.com/alichtman/malware-techniques

A collection of techniques commonly used in malware to accomplish core tasks.

linux macos malware malware-analysis malware-development malware-research reverse-engineering

Last synced: 27 Oct 2024

https://github.com/nyan-x-cat/dropless-malware

Download a payload and make it run from registry without droppng.

backdoor downloader drop dropper malware persistence

Last synced: 08 Nov 2024

https://github.com/te-k/pecli

CLI tool to analyze PE files

malware malware-analysis reverse-engineering

Last synced: 14 Oct 2024

https://github.com/ZeroMemoryEx/U-Boat

Russian Wipers Dropper (educational-purposes )

dropper malware malware-development malware-research malware-sample process-injection win32api wiper

Last synced: 04 Aug 2024

https://github.com/nyan-x-cat/revengerat-stub-cssharp

Revenge-RAT C# Stub - Fixed

backdoor client code malware rat revengerat source stub

Last synced: 08 Nov 2024

https://github.com/peterdavehello/threat-hostlist

Comprehensive domain blocklists for 🚨 threats (🕷malware, 🎣phishing, 🕵️spyware, 🤖botnets). Ideal for DNS-based filtering tools like Pi-Hole, AdGuard Home, Blocky.

adguard-blocklist blocklist botnets cybersecurity dns domain hacktoberfest hosts infosec malware osint phishing ransomware security spyware threat-intelligence threats

Last synced: 02 Nov 2024

https://github.com/Chainski/ForceAdmin

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

autoit3 autoit3-script batchfile blueteam-tools exploit forceadmin hacking malware payload pentesting post-exploitation powershell powershell-payload privilege-escalation redteam-tools uac windows windows-exploitation

Last synced: 02 Aug 2024

https://github.com/sisoma2/shellcodeloader

Small tool to load shellcodes or PEs to analyze them

breakpoint malware malware-analysis shellcode visual-studio windows

Last synced: 16 Oct 2024

https://github.com/ivan-sincek/keylogger

Windows OS keylogger with a hook mechanism (i.e. with a keyboard hook procedure).

bug-bounty c-plus-plus ethical-hacking keyboard-hook-procedure keylogger malware offensive-security red-team-engagement reverse-engineering security windows

Last synced: 08 Nov 2024

https://github.com/lennolium/privacyshield

A comprehensive All-in-One AdGuard Filter List optimized for DNS level blocking of Ads, Analytics, Tracking, Malware & Scam.

ad-blocker adblock adguard ads analytics blacklist blocklist dns filter hosts malware phishing pi-hole privacy protection scam security tracking whitelist

Last synced: 10 Oct 2024

https://github.com/mueller-ma/block-ads-via-dns

Block ads and malware via local DNS server

debian-server dns-server malware

Last synced: 07 Nov 2024

https://github.com/hackthedev/teardrop

Open-Source Ransomware Project for learning purpose only written in C# (csharp). Dont use it for bad things.

csharp educational educational-project encryption executeable gpl3 gplv3 leaning learning-by-doing malicious malware ransomware virus windows

Last synced: 04 Aug 2024

https://github.com/raspirus/raspirus

A user- and resources-friendly signatures-based malware scanner

malware nextjs rust tauri virus-scanning

Last synced: 10 Oct 2024

https://github.com/ryuchen/panda-sandbox

这是一个基于 Cuckoo 开源版本的沙箱的修订版本, 该版本完全为了适配国内软件环境所打造

cuckoo cuckoo-sandbox malware malware-analysis sandbox security

Last synced: 28 Oct 2024

https://github.com/mgeeky/msi-shenanigans

Proof of Concept code and samples presenting emerging threat of MSI installer files.

malware red-team security

Last synced: 29 Oct 2024

https://github.com/exbotanical/brutus

extensible exploitation framework shipped on a modular and multi-tasking architecture

arp-spoofing botnet concurrency ethical-hacking exploitation-framework hacking-tool malware mitm-attacks modular-architecture parallelism penetration-testing remote-admin-tool threading trojan

Last synced: 04 Aug 2024

https://github.com/albertzsigovits/malware-tools

A curated list of malware repositories, trackers and malware analysis tools

malware malware-analysis malware-research malware-tools malwareanalysis reverse-engineering

Last synced: 03 Aug 2024

https://github.com/deadbits/malware-analysis-scripts

Collection of scripts for different malware analysis tasks

malware malware-analysis malware-research reverse-engineering

Last synced: 03 Aug 2024

https://github.com/tasket/Qubes-VM-hardening

Fend off malware at Qubes VM startup

hardening hashing malware qubes qubes-os rootkit templates vm-startup vms

Last synced: 06 Nov 2024

https://github.com/peterdavehello/chkdomain

🔍 Discover if a domain is resolvable or blocked by secure DNS and Ad-blocking services, and experience the innovative idea of DaaS - DNS as an Intelligence Service.

adblock cybersecurity dns domain filter hacktoberfest infosec malware osint phishing security threat-intelligence

Last synced: 09 Nov 2024

https://github.com/wurstcommander/win10appremove

A Powershell-Script for removing / debloating Windows 10 apps. Mandatory apps which can't be uninstalled via start menu will be removed too.

appstore appxpackages bloatware debloat debloater explorer folders libraries malware microsoft powershell-script preinstalled regedit remove remover win10 windows windows10 windowsapp windowsstore

Last synced: 11 Oct 2024

https://github.com/pchaigno/dga-collection

A collection of known Domain Generation Algorithms

dga dga-collection malware

Last synced: 28 Oct 2024

https://github.com/cisco-talos/locky

analysis extraction locky malware ransom unpacker

Last synced: 06 Nov 2024

https://github.com/darkcodersc/inno-shellcode-example

Run shellcode through InnoSetup code engine.

inno inno-setup malware shellcode windows

Last synced: 28 Oct 2024

https://github.com/WurstCommander/Win10AppRemove

A Powershell-Script for removing / debloating Windows 10 apps. Mandatory apps which can't be uninstalled via start menu will be removed too.

appstore appxpackages bloatware debloat debloater explorer folders libraries malware microsoft powershell-script preinstalled regedit remove remover win10 windows windows10 windowsapp windowsstore

Last synced: 13 Aug 2024

https://github.com/certsocietegenerale/fame_modules

Community modules for FAME

framework infosec malware malware-analysis malware-research

Last synced: 09 Nov 2024

https://github.com/byt3n33dl3/thefatrat_v2

TheFatRat : Remote control Access Devices and exploiting tool, used as a deadly Backdoor generator that bypass most anti virus software. Penetrate a strong system such as Windows, MacOS, Android, and iOS

autorun backdoor bypass-av linux malware msfvenom remoteaccess shellcode thefatrat trojan

Last synced: 31 Oct 2024

https://github.com/cvar1984/sussyfinder

Single file php webshell scanner to detect potentially malicious backdoor based on token and hash with web interface and VirusTotal integration

antivirus backdoor forensics hacktoberfest malware malware-analysis php webshells

Last synced: 07 Nov 2024

https://github.com/zhuagenborn/goasm-rat

💻 A Windows console remote administration tool written in Go & Intel x86 Assembly. It supports remote shell and screenshot.

cybersecurity malware network remote-administration-tool socket windows

Last synced: 08 Nov 2024

https://github.com/zhuagenborn/windows-dll-injector

💉 A Windows dynamic-link library injection tool written in C++20. It can inject a dynamic-link library into a running process by its window title or create a new process with an injection.

cpp20 cybersecurity dll-inection malware windows

Last synced: 08 Nov 2024