Documentation
91 projectsa.out (FreeBSD manual pages)
freebsd.org
A.out binary format
wiki.osdev.org
About anti-debug tricks
anti-debug.checkpoint.com
Android packers: Separating from the pack
fortiguard.com
Anti debugging protection techniques with examples
apriorit.com
Anti-unpacker tricks
pferrie.tripod.com
Anti-unpacker tricks - Part 14 (and previous parts)
virusbulletin.com
API deobfuscator: Resolving obfuscated API functions in modern packers
blackhat.com
Armouring the ELF: Binary encryption on the UNIX platform
phrack.org
The art of memory forensics: Detecting malware and threats in Windows, Linux, and mac memory
oreilly.com
The art of unpacking
blackhat.com
Awesome executable packing
A curated list of awesome resources, tools, and literature on executable packing, unpacking, and detection for malware analysis and cybersecurity.
1,5918 days ago
Awesome LLVM security
A curated collection of LLVM-based tools, compilers, and resources focused on security, obfuscation, binary lifting, and compiler development.
8391 day ago
Cloak and dagger: Unpacking hidden malware attacks
symantec-enterprise-blogs.security.com
Cluster analysis
en.wikipedia.org
Clustering algorithms
developers.google.com
COM binary format
wiki.osdev.org
Common object file format (COFF)
wiki.osdev.org
Comparison of executable file formats
en.wikipedia.org
A complexity measure
ieeexplore.ieee.org
Cyclomatic complexity density and software maintenance productivity
ieeexplore.ieee.org
Dealing with virtualization packers
2008.caro.org
Defacto2
defacto2.net
Do we need hundreds of classifiers to solve real world classification problems?
jmlr.org
Dynamic binary analysis and obfuscated codes
triton.quarkslab.com
elf (FreeBSD manual pages)
freebsd.org
Entropy and the distinctive signs of packer PE files
n10info.blogspot.com
Evading machine learning malware detection
blackhat.com
Executable and linkable format (ELF)
wiki.osdev.org
Executable and linking format (ELF) specification
refspecs.linuxfoundation.org
Executable file formats
docs.fileformat.com
Explained: Packer, crypter, and protector
threatdown.com
FatELF: Universal binaries for Linux (HALTED)
icculus.org
Feature selection: A data perspective
dl.acm.org
Gunpack: Un outil générique d'unpacking de malwares
sstic.org
How to use t-SNE effectively
distill.pub
Hyperion: Implementation of a PE-Crypter
exploit-db.com
Implementing your own generic unpacker
gsec.hitb.org
Learn symbolic execution and angr
tyeyeah.github.io
LIEF: Library to instrument executable formats
romainthomas.fr
Mach-O - A look at apple executable files
redmaple.tech
Mach-O file format reference
A mirror of Apple's official documentation describing the Mach-O file format used for macOS and iOS executables.
8781 year ago
Mach-O internals
yossarian.net
Machine learning
en.wikipedia.org
Making our own executable packer
fasterthanli.me
The malware analyst's guide to aPLib decompression
infocon.org
The matthews correlation coefficient (MCC) should replace the ROC AUC as the standard metric for assessing binary classification
doi.org
Microsoft portable executable and common object file format specification
skyfree.org
MITRE ATT&CK | T1027.002 | obfuscated files or information: Software packing - Enterprise
attack.mitre.org
MITRE ATT&CK | T1406.002 | obfuscated files or information: Software packing - Mobile
attack.mitre.org
MZ disk operating system (DOS)
wiki.osdev.org
NotPacked++: Evading static packing detection
blackhat.com
OllyDbg OEP finder scripts
A collection of OllyDbg scripts for unpacking and analyzing software protections in reverse engineering.
Batchfile2774 years ago
On the worst-case complexity of timsort
arxiv.org
One packer to rule them all: Empirical identification, comparison and circumvention of current antivirus detection techniques
blackhat.com
One packer to rule them all: Empirical identification, comparison and circumvention of current antivirus detection techniques
blackhat.com
Packer analysis report debugging and unpacking the NsPack 3.4 and 3.7 packer
sans.org
Packers
storage.googleapis.com
Packers/Protectors for Linux
reverseengineering.stackexchange.com
Packing-box: Breaking detectors & visualizing packing
blackhat.com
Packing-box: Improving detection of executable packing
blackhat.com
Packing-box: Playing with executable packing
blackhat.com
Parsing mach-O files
lowlevelbits.org
Pattern recognition and machine learning (Information science and statistics)
dl.acm.org
PE format - Win32 apps
learn.microsoft.com
PinDemonium: A DBI-based generic unpacker for Windows executables
blackhat.com
Portable executable (PE)
wiki.osdev.org
Practical malware analysis: The hands-on guide to dissecting malicious software
oreilly.com
ProtectMyTooling - Don't detect tools, detect techniques
mgeeky.tech
Qualitative and quantitative evaluation of software packers
webdiis.unizar.es
Reverse engineering malware: Binary obfuscation and protection
cse.tkk.fi
Runtime packers testing experiences
av-test.org
Runtime packers: The hidden problem?
blackhat.com
Standards and policies on packer use
pferrie.epizy.com
A survey of dimensionality reduction techniques
arxiv.org
TitanMist: Your first step to reversing nirvana
media.blackhat.com
Tuts 4 you - UnPackMe (.NET)
forum.tuts4you.com
Tuts 4 you | unpackme
forum.tuts4you.com
The "Ultimate" anti-debugging reference
pferrie.epizy.com
Unpacking binary 101
sam0x90.blog
Unpacking the potential of "Packing box"
medium.com
Unpacking, reversing, patching
infosecinstitute.com
Virtual machine obfuscation
compil2019.minesparis.psl.eu
WaveAtlas: Surfing through the landscape of current malware packers
virusbulletin.com
We can still crack you! General unpacking method for Android Packer (NO ROOT)
blackhat.com
When malware is packing heat
eurecom.fr
Win32 portable executable packing uncovered
securitylabs.websense.com
Writing a packer
dr4k0nia.github.io
Writing a PE packer
wirediver.com
x86 disassembly/Windows executable files
en.wikibooks.org
YARA - The pattern matching swiss knife for malware researchers.
virustotal.github.io
Scientific Research
325 projects2-SPIFF: A 2-stage packer identification method based on function call graph and file attributes
link.springer.com
Absent extreme learning machine algorithm with application to packed executable identification
link.springer.com
An accurate packer identification method using support vector machine
jstage.jst.go.jp
Adaptive unpacking of Android Apps
ieeexplore.ieee.org
Advanced feature engineering for static detection of executable packing
researchportal.rma.ac.be
Advanced preprocessing of binary executable files and its usage in retargetable decompilation
fit.vut.cz
Adversarial attacks against Windows PE malware detection: A survey of the state-of-the-art
linkinghub.elsevier.com
Adversarial EXEmples: A survey and experimental evaluation of practical attacks on machine learning for windows malware detection
dl.acm.org
Adversarial learning on static detection techniques for executable packing
dial.uclouvain.be
Adversarial malware binaries: Evading deep learning for malware detection in executables
ieeexplore.ieee.org
Adversarial tool for breaking static detection of executable packing
dial.uclouvain.be
Adversarially robust assembly language model for packed executables detection
dl.acm.org
All-in-one framework for detection, unpacking, and verification for malware analysis
onlinelibrary.wiley.com
Analysis of machine learning approaches to packing detection
sciencedirect.com
Anti-emulation trends in modern packers: A survey on the evolution of anti-emulation techniques in UPA packers
link.springer.com
API-MalDetect: Automated malware detection framework for windows based on API calls and deep learning techniques
linkinghub.elsevier.com
An application of machine learning to analysis of packed mac malware
scholar.dsu.edu
Application of string kernel based support vector machine for malware packer identification
ieeexplore.ieee.org
The application research of virtual machine in packers
semanticscholar.org
AppSpear: Bytecode decrypting and DEX reassembling for packed Android malware
link.springer.com
The arms race: Adversarial search defeats entropy used to detect malware
sciencedirect.com
Assessing static and dynamic features for packing detection
link.springer.com
Assessing the impact of packing on machine learning-based malware detection and classification systems
sciencedirect.com
Auditing static machine learning anti-Malware tools against metamorphic attacks
linkinghub.elsevier.com
Automated static analysis of virtual-machine packers
core.ac.uk
Automatic analysis of malware behavior using machine learning
dl.acm.org
Automatic generation of adversarial examples for interpreting malware classifiers
semanticscholar.org
Automatic static unpacking of malware binaries
ieeexplore.ieee.org
BareUnpack: Generic unpacking on the bare-metal operating system
jstage.jst.go.jp
Benchmark for filter methods for feature selection in high-dimensional classification data
linkinghub.elsevier.com
Beyond the sandbox: Leveraging symbolic execution for evasive malware classification
linkinghub.elsevier.com
Binary-code obfuscations in prevalent packer tools
dl.acm.org
BinStat tool for recognition of packed executables
ijofcs.org
Birds of a feature: Intrafamily clustering for version identification of packed malware
ieeexplore.ieee.org
BitBlaze: A new approach to computer security via binary analysis
link.springer.com
BODMAS: An open dataset for learning based temporal analysis of PE malware
ieeexplore.ieee.org
Boosting scalability in anomaly-based packed executable filtering
link.springer.com
Building a malware mutation tool
dial.uclouvain.be
Building a smart and automated tool for packed malware detections using machine learning
dial.uclouvain.be
Building high-quality datasets of packed executables - Enhancing static detection models via curated packed binary datasets
hdl.handle.net
Bypassing anti-analysis of commercial protector methods using DBI tools
ieeexplore.ieee.org
Bypassing heaven’s gate technique using black-box testing
mdpi.com
BYTEWEIGHT: Learning to recognize functions in binary code
usenix.org
ByteWise: A case study in neural network obfuscation identification
ieeexplore.ieee.org
Certified robustness of static deep learning-based malware detectors against patch and append attacks
dl.acm.org
Challenging anti-virus through evolutionary malware obfuscation
link.springer.com
Chosen-instruction attack against commercial code virtualization obfuscators
ink.library.smu.edu.sg
Classification of malware by using structural entropy on convolutional neural networks
ojs.aaai.org
Classification of packed executables for accurate computer virus detection
sciencedirect.com
Classifying packed malware represented as control flow graphs using deep graph convolutional neural network
ieeexplore.ieee.org
Classifying packed programs as malicious software detected
semanticscholar.org
A close look at a daily dataset of malware samples
dl.acm.org
Code obfuscation techniques for software protection
cosicdatabase.esat.kuleuven.be
Collective classification for packed executable identification
dl.acm.org
A compact multi-step framework for packing identification in portable executable files for malware analysis
researchsquare.com
A comparative analysis of classifiers in the recognition of packed executables
ieeexplore.ieee.org
A comparative analysis of software protection schemes
researchgate.net
A comparative assessment of malware classification using binary texture analysis and dynamic analysis
dl.acm.org
Comparing malware samples for unpacking: A feasibility study
ieeexplore.ieee.org
Complexity-based packed executable classification with high accuracy
caislab.kaist.ac.kr
A comprehensive solution for obfuscation detection and removal based on comparative analysis of deobfuscation tools
ieeexplore.ieee.org
Conceptual and empirical comparison of dimensionality reduction algorithms (PCA, KPCA, LDA, MDS, SVD, LLE, ISOMAP, LE, ICA, t-SNE)
linkinghub.elsevier.com
A consistently-executing graph-based approach for malware packer identification
ieeexplore.ieee.org
Construction and evaluation of the new heuristic malware detection mechanism based on executable files static analysis
link.springer.com
A control flow graph-based signature for packer identification
ieeexplore.ieee.org
Control flow-based opcode behavior analysis for malware detection
sciencedirect.com
Countering entropy measure attacks on packed software detection
ieeexplore.ieee.org
Cryptographic function detection in obfuscated binaries via bit-precise symbolic loop mapping
ieeexplore.ieee.org
Deceiving end-to-end deep learning malware detectors using adversarial examples
arxiv.org
Deceiving portable executable malware classifiers into targeted misclassification with practical adversarial examples
dl.acm.org
Decoding the secrets of machine learning in malware classification: A deep dive into datasets, feature extraction, and model performance
dl.acm.org
Denial-of-service attacks on host-based generic unpackers
link.springer.com
Deobfuscation of packed and virtualization-obfuscation protected binaries
repository.arizona.edu
Deobfuscation of virtualization-obfuscated code through symbolic execution and compilation optimization
link.springer.com
Deobfuscation of virtualization-obfuscated software: A semantics-based approach
dl.acm.org
Design and development of a new scanning core engine for malware detection
ieeexplore.ieee.org
Design and implementation of a modular executable packer - Experimenting with packing techniques and static detection
hdl.handle.net
Design and performance evaluation of binary code packing for protecting embedded software against reverse engineering
ieeexplore.ieee.org
Detecting obfuscated malware using reduced opcode set and optimised runtime trace
security-informatics.springeropen.com
Detecting obfuscated viruses using cosine similarity analysis
ieeexplore.ieee.org
Detecting packed executable file: Supervised or anomaly detection method?
ieeexplore.ieee.org
Detecting packed executables based on raw binary data
semanticscholar.org
Detecting packed executables using steganalysis
ieeexplore.ieee.org
Detecting packed PE files: Executable file analysis for the Windows operating system
uia.brage.unit.no
Detecting traditional packers, decisively
link.springer.com
Detecting unknown malicious code by applying classification techniques on opcode patterns
doi.org
Detection of metamorphic malware packers using multilayered LSTM networks
link.springer.com
Detection of packed executables using support vector machines
ieeexplore.ieee.org
Detection of packed malware
dl.acm.org
DexHunter: Toward extracting hidden code from packed Android applications
link.springer.com
Disabling anti-debugging techniques for unpacking system in user-level debugger
ieeexplore.ieee.org
DroidPDF: The obfuscation resilient packer detection framework for Android Apps
ieeexplore.ieee.org
Dynamic binary instrumentation for deobfuscation and unpacking
hal.inria.fr
Dynamic classification of packing algorithms for inspecting executables using entropy analysis
ieeexplore.ieee.org
A dynamic heuristic method for detecting packed malware using naive bayes
ieeexplore.ieee.org
Effective, efficient, and robust packing detection and classification
sciencedirect.com
An efficient algorithm to extract control flow-based features for ioT malware detection
academic.oup.com
Efficient and automatic instrumentation for packed binaries
link.springer.com
Efficient automatic original entry point detection
airitilibrary.com
An efficient block-discriminant identification of packed malware
link.springer.com
Efficient malware packer identification using support vector machines with spectrum kernel
ieeexplore.ieee.org
Efficient SVM based packer identification with binary diffing measures
ieeexplore.ieee.org
ELF-Miner: Using structural knowledge and data mining methods to detect new (Linux) malicious executables
dl.acm.org
EMBER2024 - A benchmark dataset for holistic evaluation of malware classifiers
dl.acm.org
EMBER: An open dataset for training static PE malware machine learning models
arxiv.org
An empirical evaluation of an unpacking method implemented with dynamic binary instrumentation
jstage.jst.go.jp
Encoded executable file detection technique via executable file header analysis
earticle.net
Enhanced metamorphic techniques-A case study against havex malware
ieeexplore.ieee.org
Enhancing machine learning based malware detection model by reinforcement learning
dl.acm.org
Entropy analysis to classify unknown packing algorithms for malware detection
link.springer.com
An entropy-based distance measure for analyzing and detecting metamorphic malware
link.springer.com
Entropy-driven visualization in gview: Unveiling the unknown in binary file formats
ieeexplore.ieee.org
ERMDS: A obfuscation dataset for evaluating robustness of learning-based malware detection system
scopus.com
ESCAPE: Entropy score analysis of packed executable
dl.acm.org
Ether: Malware analysis via hardware virtualization extensions
dl.acm.org
Eureka: A framework for enabling static malware analysis
link.springer.com
Evading anti-malware engines with deep reinforcement learning
ieeexplore.ieee.org
Evading packing detection: Breaking heuristic-based static detectors
link.springer.com
Experimental comparison of machine learning models in malware packing detection
ieeexplore.ieee.org
An experimental study on identifying obfuscation techniques in packer
docplayer.net
Experimental toolkit for manipulating executable packing
link.springer.com
Experimental toolkit for studying executable packing - Analysis of the state-of-the-art packing detection techniques
dial.uclouvain.be
Exploring adversarial examples in malware detection
ieeexplore.ieee.org
Fast and robust fixed-point algorithms for independent component analysis
ieeexplore.ieee.org
A fast flowgraph based classification system for packed and polymorphic malware on the endhost
ieeexplore.ieee.org
A fast randomness test that preserves local detail
researchrepository.rmit.edu.au
Feature selection for malware detection based on reinforcement learning
ieeexplore.ieee.org
Feature selection for packer classification based on association rule mining
sciencedirect.com
Feature set reduction for the detection of packed executables
ieeexplore.ieee.org
File packing from the malware perspective: Techniques, analysis approaches, and directions for enhancements
dl.acm.org
Fileprints: Identifying file types by n-gram analysis
ieeexplore.ieee.org
A fine-grained classification approach for the packed malicious code
link.springer.com
A framework for metamorphic malware analysis and real-time detection
linkinghub.elsevier.com
Functionality-preserving black-box optimization of adversarial windows malware
ieeexplore.ieee.org
G3MD: Mining frequent opcode sub-graphs for metamorphic malware detection of existing families
linkinghub.elsevier.com
Generating adversarial malware examples for black-box attacks based on GAN
arxiv.org
A generic approach to automatic deobfuscation of executable code
ieeexplore.ieee.org
Generic black-box end-to-end attack against state of the art API call based malware classifiers
link.springer.com
Generic packing detection using several complexity analysis for accurate malware detection
researchgate.net
Generic unpacker of executable files
semanticscholar.org
Generic unpacking method based on detecting original entry point
link.springer.com
Generic unpacking of self-modifying, aggressive, packed binary programs
arxiv.org
Generic unpacking techniques
ieeexplore.ieee.org
Generic unpacking using entropy analysis
ieeexplore.ieee.org
GUARD: Generic API de-obfuscation and obfuscated malware unpacking with sIAT
dl.acm.org
Hashing-based encryption and anti-debugger support for packing multiple files into single executable
ijarcs.info
A heuristic approach for detection of obfuscated malware
ieeexplore.ieee.org
A heuristics-based static analysis approach for detecting packed PE binaries
article.nadiapub.com
Highlighting the impact of packed executable alterations with unsupervised learning
link.springer.com
Hunting for metamorphic engines
link.springer.com
Identifying malware packers through multilayer feature engineering in static analysis
mdpi.com
An implementation of a generic unpacking method on Bochs Emulator
semanticscholar.org
An improved method for packed malware detection using PE header and section table information
mecs-press.org
Improving malware detection using multi-view ensemble learning
onlinelibrary.wiley.com
Incremental clustering of malware packers using features based on transformed CFG
hal.science
Information theoretic method for classification of packed and encoded files
dl.acm.org
Instructions-based detection of sophisticated obfuscation and packing
ieeexplore.ieee.org
Intriguing properties of adversarial ML attacks in the problem space
arxiv.org
Intriguing properties of neural networks
arxiv.org
A learning model to detect maliciousness of portable executable using integrated feature set
sciencedirect.com
Learning to evade static PE machine learning malware models via reinforcement learning
arxiv.org
Limits of static analysis for malware detection
ieeexplore.ieee.org
Longitudinal study of the prevalence of malware evasive techniques
arxiv.org
MAB-Malware: A reinforcement learning framework for attacking static malware classifiers
arxiv.org
A machine-learning-based framework for supporting malware detection and analysis
link.springer.com
Maitland: Analysis of packed and encrypted malware via paravirtualization extensions
dspace.library.uvic.ca
Mal-EVE: Static detection model for evasive malware
ieeexplore.ieee.org
Mal-flux: Rendering hidden code of packed binary executable
sciencedirect.com
Mal-XT: Higher accuracy hidden-code extraction of packed binary executable
iopscience.iop.org
Mal-xtract: Hidden code extraction using memory analysis
iopscience.iop.org
MaliCage: A packed malware family classification framework based on DNN and GAN
sciencedirect.com
The MALICIA dataset: Identification and analysis of drive-by download operations
dl.acm.org
Malware analysis using multiple API sequence mining control flow graph
arxiv.org
Malware analysis using visualized images and entropy graphs
link.springer.com
Malware detection through opcode sequence analysis using machine learning
api.semanticscholar.org
Malware family classification method based on static feature extraction
ieeexplore.ieee.org
Malware images: Visualization and automatic classification
dl.acm.org
Malware makeover: Breaking ML-based static analysis by modifying executable bytes
arxiv.org
Malware obfuscation techniques: A brief survey
ieeexplore.ieee.org
Malware obfuscation through evolutionary packers
dl.acm.org
Malwise - An effective and efficient classification system for packed and polymorphic malware
ieeexplore.ieee.org
McBoost: Boosting scalability in malware collection and analysis using statistical classification of executables
ieeexplore.ieee.org
Measuring and defeating anti-instrumentation-equipped malware
link.springer.com
Memory behavior-based automatic malware unpacking in stealth debugging environment
ieeexplore.ieee.org
MetaAware: Identifying metamorphic malware
ieeexplore.ieee.org
Metadata recovery from obfuscated programs using machine learning
dl.acm.org
Metamorphic malware detection based on support vector machine classification of malware sub-signatures
telkomnika.uad.ac.id
Metamorphic malware identification using engine-specific patterns based on co-opcode graphs
linkinghub.elsevier.com
Mimicking anti-viruses with machine learning and entropy profiles
mdpi.com
MLxPack: Investigating the effects of packers on ML-based malware detection systems using static and dynamic traits
dl.acm.org
Modern Linux malware exposed
eurecom.fr
MSG: Missing-sequence generator for metamorphic malware detection
sciencedirect.com
MutantX-S: Scalable malware clustering based on static features
usenix.org
The new signature generation method based on an unpacking algorithm and procedure for a packer detection
earticle.net
Novel feature extraction, selection and fusion for effective malware family classification
arxiv.org
A novel framework for image-based malware detection with a deep neural network
linkinghub.elsevier.com
Obfuscation-resilient executable payload extraction from packed malware
usenix.org
Obfuscation: The hidden malware
ieeexplore.ieee.org
Obfuscation: Where are we in anti-DSE protections? (a first attempt)
dl.acm.org
Obfuscator-LLVM: Software protection for the masses
ieeexplore.ieee.org
OmniUnpack: Fast, generic, and safe unpacking of malware
ieeexplore.ieee.org
On deceiving malware classification with section injection
arxiv.org
On evaluating adversarial robustness
arxiv.org
On the (Im)possibility of obfuscating programs
link.springer.com
On the (im)possibility of obfuscating programs (2)
dl.acm.org
On the adoption of anomaly detection for packed executable filtering
sciencedirect.com
On the feasibility of malware unpacking via hardware-assisted loop profiling
dl.acm.org
Opcode sequences as representation of executables for data-mining-based unknown malware detection
linkinghub.elsevier.com
Opcodes as predictor for malware
inderscienceonline.com
OPEM: A static-dynamic approach for machine-learning-based malware detection
link.springer.com
Original entry point detection based on graph similarity
link.springer.com
An original entry point detection method with candidate-sorting for more effective generic unpacking
jstage.jst.go.jp
Packed code detection using shannon entropy and homomorphic encrypted executables
ieeexplore.ieee.org
Packed malware detection using entropy related analysis: A survey
semanticscholar.org
Packed malware variants detection using deep belief networks
matec-conferences.org
Packed PE file detection for malware forensics
ieeexplore.ieee.org
Packer classification based on association rule mining
sciencedirect.com
Packer classifier based on PE header information
dl.acm.org
Packer detection for multi-layer executables using entropy analysis
mdpi.com
Packer identification based on metadata signature
dl.acm.org
Packer identification method based on byte sequences
onlinelibrary.wiley.com
Packer identification method for multi-layer executables with k-Nearest neighbor of entropies
ieeexplore.ieee.org
Packer identification using byte plot and Markov plot
link.springer.com
Packer identification using hidden Markov model
link.springer.com
Packer-complexity analysis in PANDA
webthesis.biblio.polito.it
PackGenome: Automatically generating robust YARA rules for accurate malware packer detection
dl.acm.org
PackHero: A scalable graph-based approach for efficient packer identification
re.public.polimi.it
Packing detection and classification relying on machine learning to stop malware propagation
theses.hal.science
Pandora's Bochs: Automatic unpacking of malware
researchgate.net
Pattern recognition techniques for the classification of malware packers
link.springer.com
PE file features in detection of packed executables
ijcte.org
PE file header analysis-based packed PE file detection technique (PHAD)
ieeexplore.ieee.org
PE-Miner: Mining structural information to detect malicious executables in realtime
link.springer.com
PE-Probe: Leveraging packer detection and structural information to detect malicious portable executables
semanticscholar.org
PEAL - Packed executable analysis
link.springer.com
Performance evaluation of filter-based feature selection techniques in classifying portable executable files
linkinghub.elsevier.com
PEzoNG: Advanced packer for automated evasion on Windows
link.springer.com
Pitfalls in machine learning for computer security
dl.acm.org
PolyPack: An automated online packing service for optimal antivirus evasion
dl.acm.org
PolyUnpack: Automating the hidden-code extraction of unpack-executing malware
ieeexplore.ieee.org
Potent and stealthy control flow obfuscation by stack based self-modifying code
ieeexplore.ieee.org
Practical attacks on machine learning: A case study on adversarial windows malware
arxiv.org
Preprocessing of binary executable files towards retargetable decompilation
fit.vut.cz
Prevalence and impact of low-entropy packing schemes in the malware ecosystem
ndss-symposium.org
Program obfuscation by strong cryptography
ieeexplore.ieee.org
RAMBO: Run-Time packer analysis with multiple branch observation
link.springer.com
REFORM: A framework for malware packer analysis using information theory and statistical methods
scispace.com
Renovo: A hidden code extractor for packed executables
dl.acm.org
RePEconstruct: Reconstructing binaries with self-modifying code and import address table destruction
ieeexplore.ieee.org
RePEF — A system for restoring packed executable file for malware analysis
ieeexplore.ieee.org
Replacement attacks against VM-protected applications
dl.acm.org
Research and implementation of compression shell unpacking technology for PE file
ieeexplore.ieee.org
Research and implementation of packing technology for PE files
semanticscholar.org
Research of software information hiding algorithm based on packing technology
link.springer.com
Resurrecting anti-virtualization and anti-debugging: Unhooking your hooks
linkinghub.elsevier.com
Revealing packed malware
ieeexplore.ieee.org
Reverse engineering self-modifying code: Unpacker extraction
ieeexplore.ieee.org
Robust static analysis of portable executable malware
repo.zenk-security.com
SATURN - Software deobfuscation framework based on LLVM
dl.acm.org
SCORE: Source code optimization & reconstruction
ieeexplore.ieee.org
SE-PAC: A self-evolving packer classifier against rapid packers evolution
dl.acm.org
Secure and advanced unpacking using computer emulation
link.springer.com
Semi-supervised learning for packed executable detection
ieeexplore.ieee.org
Semi-supervised learning for unknown malware detection
link.springer.com
Sensitive system calls based packed malware variants detection using principal component initialized multilayers neural networks
cybersecurity.springeropen.com
Sequential opcode embedding-based malware detection method
sciencedirect.com
Singular value decomposition and metamorphic detection
link.springer.com
SMASH: A malware detection method based on multi-feature ensemble learning
ieeexplore.ieee.org
Software protection through anti-debugging
ieeexplore.ieee.org
SoK: (state of) the art of war: Offensive techniques in binary analysis
ieeexplore.ieee.org
SoK: Automatic deobfuscation of virtualization-protected applications
dl.acm.org
SoK: Deep packer inspection: A longitudinal study of the complexity of run-time packers
ieeexplore.ieee.org
Source-free binary mutation for offense and defense
api.semanticscholar.org
SPADE: Signature based packer detection
dl.acm.org
Static analysis method on portable executable files for REMNUX based malware identification
ieeexplore.ieee.org
Static analysis of executables to detect malicious patterns
dl.acm.org
Static features exploration for executable packing with unsupervised learning
ecam.be
Static malware detection & subterfuge: Quantifying the robustness of machine learning and current anti-virus
arxiv.org
A static, packer-agnostic filter to detect similar malware samples
link.springer.com
Structural analysis of binary executable headers for malware detection optimization
link.springer.com
Structural entropy and metamorphic malware
link.springer.com
Structural feature based anomaly detection for packed executable identification
link.springer.com
The study of evasion of packed PE from static detection
ieeexplore.ieee.org
A study of the packer problem and its solutions
link.springer.com
A survey on adversarial attacks for malware analysis
ieeexplore.ieee.org
A survey on automated dynamic malware-analysis techniques and tools
doi.org
A survey on machine learning-based detection and classification technology of malware
ieeexplore.ieee.org
A survey on malware analysis techniques: Static, dynamic, hybrid and memory analysis
ijaseit.insightsociety.org
Survey on malware evasion techniques: State of the art and challenges
ieeexplore.ieee.org
A survey on run-time packers and mitigation techniques
link.springer.com
Symbolic deobfuscation: From virtualized code back to the original
link.springer.com
Symbolic execution of obfuscated code
dl.acm.org
Syntia: Synthesizing the semantics of obfuscated code
usenix.org
A systematical and longitudinal study of evasive behaviors in windows malware
linkinghub.elsevier.com
Technical report on the cleverhans v2.1.0 adversarial examples library
arxiv.org
Things you may not know about Android (Un) packers: A systematic study based on whole-system emulation.
ndss-symposium.org
Thwarting real-time dynamic unpacking
dl.acm.org
A token strengthened encryption packer to prevent reverse engineering PE files
ieeexplore.ieee.org
Toward generic unpacking techniques for malware analysis with quantification of code revelation
researchgate.net
Towards paving the way for large-scale Windows malware analysis: Generic binary unpacking with orders-of-magnitude performance boost
dl.acm.org
Towards static analysis of virtualization-obfuscated binaries
ieeexplore.ieee.org
Transcending transcend: Revisiting malware classification in the presence of concept drift
arxiv.org
Tutorial: An overview of malware detection and evasion techniques
inria.hal.science
Two techniques for detecting packed portable executable files
ieeexplore.ieee.org
Unconditional self-modifying code elimination with dynamic compiler optimizations
ieeexplore.ieee.org
Understanding Linux malware
ieeexplore.ieee.org
Unknown malcode detection using OPCODE representation
link.springer.com
A unpacking and reconstruction system-agunpacker
ieeexplore.ieee.org
Unpacking framework for packed malicious executables
repositorio-aberto.up.pt
Unpacking malware in the real world: A step-by step guide
link.springer.com
Unpacking techniques and tools in malware analysis
scientific.net
Unpacking virtualization obfuscators
dl.acm.org
Unsupervised clustering machine learning on packed executable
dial.uclouvain.be
UnThemida: Commercial obfuscation technique analysis with a fully obfuscated program
onlinelibrary.wiley.com
Using entropy analysis to find encrypted and packed malware
ieeexplore.ieee.org
VABox: A virtualization-based analysis framework of virtualization-obfuscated packed executables
link.springer.com
VMAttack: Deobfuscating virtualization-based packed binaries
dl.acm.org
VMHunt: A verifiable approach to partially-virtualized binary code simplification
dl.acm.org
VMRe: A reverse framework of virtual machine protection packed binaries
ieeexplore.ieee.org
Watermarking, tamper-proofing, and obfuscation - Tools for software protection
ieeexplore.ieee.org
Wavelet decomposition of software entropy reveals symptoms of malicious code
linkinghub.elsevier.com
When malware is packin' heat; limits of machine learning classifiers based on static analysis features
ndss-symposium.org
WYSINWYX: What you see is not what you execute
dl.acm.org
x64Unpack: Hybrid emulation unpacker for 64-bit Windows Environments and detailed analysis results on VMProtect 3.4
ieeexplore.ieee.org
Xunpack: Cross-Architecture unpacking for Linux IoT malware
dl.acm.org
:bookmark_tabs: Datasets
30 projects
BODMAS
An open dataset for learning-based temporal analysis of PE malware, containing over 130,000 Windows PE files with feature vectors and metadata.
Python932 years ago
Contagio
contagiodump.blogspot.com
CyberCrime
cybercrime-tracker.net
Ember
An open dataset and toolkit for training static PE malware machine learning models, featuring millions of labeled Windows executable samples.
Jupyter Notebook1,1621 year ago
Ember2024
A benchmark dataset with 3.2 million malicious and benign files across 6 file types for evaluating malware classifiers.
Python1219 months ago
Malfease
web.archive.org
Malheur
web.archive.org
Malicia
web.archive.org
Malshare
malshare.com
Malware Archive
A collection of real-world malware samples, analysis exercises, and training resources for cybersecurity education and research.
HTML1,6382 years ago
Malware Museum
archive.org
MalwareBazaar
bazaar.abuse.ch
MalwareGallery
malwaregallery.com
MalwareSamples
github.com
MalwareTips
malwaretips.com
OARC Malware Dataset
dns-oarc.net
Open Malware Project
web.archive.org
Packware
A research project investigating how packers affect the accuracy of static machine-learning malware classifiers.
Python902 years ago
Runtime Packers Testset
researchgate.net
SAC
sac.sk
theZoo
A live malware repository providing encrypted samples and source code for educational malware analysis and research.
Python13,1092 months ago
ViruSign
web.archive.org
VirusSamples
virussamples.com
VirusShare
virusshare.com
VirusSign
virussign.com
VirusTotal
virustotal.com
VX Heaven
web.archive.org
VX Underground
vx-underground.org
VXvault
vxvault.net
WildList
web.archive.org
After 2010
62 projectsAlienyze
alienyze.com
Alternate EXE Packer
alternate-tools.com
Amber
A reflective PE packer for in-memory execution of Windows executables to bypass security products.
Go1,4182 years ago
Andromeda
blog.morphisec.com
APKProtect
sourceforge.net
Armadillo
web.archive.org
ASM Guard
A packer utility for compressing, obfuscating, and protecting native Windows executables and DLLs.
2672 years ago
ASPack
aspack.com
ASProtect 32
aspack.com
ASProtect 64
aspack.com
Astral-PE
A low-level mutator for Windows PE files that obfuscates headers and metadata to break static analysis signatures without breaking execution.
C#3441 year ago
AutoIT
autoitscript.com
AxProtector
wibu.com
BangCle
Android app protector using second-generation hardening technology to load encrypted dex files from memory dynamically.
C++4077 years ago
Bero
blog.rosseaux.net
BIN-crypter
autoitscript.com
BoxedApp Packer
boxedapp.com
Code Virtualizer
oreans.com
ConfuserEx
An open-source protector for .NET applications that obfuscates code and prevents reverse engineering.
C#2,8622 years ago
Crinkler
A compressing linker for creating extremely small Windows demoscene executables (1k/4k/8k intros).
C++1,2101 month ago
DarkCrypt
totalcmd.net
DexGuard
guardsquare.com
DexProtector
dexprotector.com
DotBundle
web.archive.org
DotNetZ
softpedia.com
ElecKey
sciensoft.com
ELF-Encrypter
elf-encrypter.sourceforge.net
ELFCrypt
A simple ELF crypter that encrypts ELF binary sections using RC4 encryption for on-disk protection.
C1295 years ago
Enigma Protector
enigmaprotector.com
Enigma Virtual Box
enigmaprotector.com
EXE Bundle
exebundle.software.informer.com
Ezuri
A simple Linux ELF runtime crypter that encrypts and loads executables directly into memory to evade detection.
Go2731 year ago
GzExe
git.savannah.gnu.org
hXOR-Packer
A PE packer that compresses executables with Huffman encoding and encrypts them with XOR, executing directly from memory.
C++674 years ago
Hyperion
A collection of security tools, exploits, proof-of-concept code, shellcodes, and scripts for educational purposes.
Python731 month ago
LIAPP
liapp.lockincomp.com
MPRESS
autohotkey.com
.netshrink
pelock.com
Obsidium
obsidium.de
oplzkwp
A library for ELF binary obfuscation using on-the-fly encryption with PRESENT and blake244.
C6910 years ago
Origami
A packer that compresses and encrypts .NET assemblies, storing payloads within PE file structures.
C#1773 years ago
OS-X_Packer
web.archive.org
Pakkero
A Go-based binary packer that compresses, encrypts, and protects ELF binaries, scripts, and AppImages from tampering and reverse engineering.
Go2743 years ago
PE-Packer
A packer for Windows x86 executable files that transforms and encrypts PE files to obstruct reverse engineering.
C3641 year ago
PELock
pelock.com
PEShield
webscene.ir
PESpin
downloads.fyxm.net
PEtite
un4seen.com
PEzoNG
youtube.com
PEzor
An open-source packer that converts executables and shellcode into stealthy, evasive payloads for Windows.
C2,1072 years ago
ProtectMyTooling
A multi-packer wrapper for daisy-chaining packers, obfuscators, and shellcode loaders to protect Red Team implants with watermarking and IOC collection.
PowerShell1,0767 months ago
ps2-packer
A tool for creating compressed ELF executables to run on the PlayStation 2, similar to UPX.
C8223 days ago
RapidEXE
sourceforge.net
Silent-Packer
An ELF/PE binary packer written in pure C for obfuscation and reverse engineering protection.
C1152 years ago
SimpleDPack
A simple Windows EXE packing tool for learning and investigating PE file structure.
C1213 years ago
Smart Packer
smartpacker.nl
Squishy
logicoma.io
Themida
oreans.com
UPX
upx.github.io
VirtualMachineObfuscationPoC
web.archive.org
VMProtect
vmpsoft.com
ZProtect
jiami.net
Between 2000 and 2010
41 projects20to4
20to4.net
ACProtect
yaldex.com
AHPack
delphibasics.info
Application Protector
sourceforge.net
AT4RE Protector
en.52yma.com
AverCryptor
web.archive.org
BurnEye
packetstormsecurity.com
ByteBoozer
csdb.dk
cryptelf
packetstormsecurity.com
CryptExec
phrack.org
EXE Guarder
exeicon.com
EXE Wrapper
web.archive.org
Exe32Pack
exe32pack.apponic.com
EXECryptor
execryptor.freedownloadscenter.com
ExeFog
delphibasics.info
eXPressor
cgsoftlabs.ro
FSG
web.archive.org
GHF Protector
delphibasics.info
HackStop
defacto2.net
Kkrunchy
farbrausch.de
Laturi
laturi.haxor.fi
mPack
blog.fearcat.in
NSPack
nspack.apponic.com
NTPacker
hacking-software-free-download.blogspot.com
PECompact
bitsum.com
RDMC
sac.sk
RLPack
web.archive.org
RSCC
defacto2.net
RUCC
defacto2.net
Sentinel HASP Envelope
cpl.thalesgroup.com
sePACKER
sourceforge.net
Shiva
packetstormsecurity.com
tElock
softpedia.com
TTProtect
web.archive.org
UPack
sac.sk
UPX-Scrambler
defacto2.net
WinUpack
sac.sk
x86.Virtualizer
rewolf.pl
XComp
soft-lab.de
Yoda Crypter
sourceforge.net
Yoda Protector
yodap.sourceforge.net