166 Open Source Malware Research Software Projects
Free and open source malware research code projects including engines, APIs, generators, and tools.
A GUI/REST interface to find similarities in large sets (think: binaries). Based on ssdeep.
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space.
Malware Organiser 12 ⭐
A simple tool to organise large malicious/benign files into an organised structure.
Owasp Seraphimdroid 63 ⭐
OWASP Seraphimdroid is an open source project with the aim of creating, as a community, an open platform for education and protection of Android users against privacy and security threats.
Malware Samples 650 ⭐
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
Phishing domains, URLs, websites and threats database. We use the PyFunceble testing tool to validate the status of all known phishing domains and provide stats to reveal how many unique domains used for phishing are still active.
Code for the DIMVA 2018 paper: "MemScrimper: Time- and Space-Efficient Storage of Malware Sandbox Memory Dumps"
Threat Hunting 231 ⭐
Personal compilation of APT malware from whitepaper releases, documents and own research
A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
-x-x-x-x- DO NOT RUN ON PRODUCTION MACHINE -x-x-x-x- An ELF virus capable of generating segment padded trojans.
Vx Engines 60 ⭐
Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
Malware Analysis Writeups 129 ⭐
A repository of my completed writeups, along with the samples themselves.
A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
A collection of C++ programs that demonstrate common ways to detect the presence of an attached debugger.
Zsshen Yadd 28 ⭐
Yet another Android Dex bytecode Disassembler: a static Android app disassembler for fast class and method signature extraction and code structure visualization.
An SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.
Dex Oracle 428 ⭐
A pattern-based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Malware Jail 392 ⭐
Analyst Casefile 53 ⭐
Maltego CaseFile entities for information security investigations, malware analysis and incident response
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
A Python library and command line tools to provide interactive log visualization.
Black Seo Wordpress Malware 20 ⭐
Reverse engineered, decrypted source files from the malware targeting WordPress content management systems.