Malware Analysis

The "Awesome Malware Analysis" project is a curated resource list designed to assist security professionals and researchers in the field of malware analysis. Malware analysis involves examining malicious software to understand its behavior, functionality, and impact. This list includes tools for static and dynamic analysis, reverse engineering resources, malware databases, and educational materials such as tutorials and courses. It is valuable for both beginners looking to learn the basics and experienced analysts seeking advanced techniques and tools. Users can find a wealth of resources to enhance their skills and improve their malware analysis capabilities.

malware-analysisreverse-engineeringsecurity-toolsstatic-analysisdynamic-analysiscybersecuritythreat-intelligence

RSS View on GitHub

13.6k stars2.7k forks0 contributorsUpdated

Anonymizers

4 projects

Honeypots

6 projects

Conpot

An open-source ICS/SCADA honeypot designed to emulate industrial control systems and collect adversary intelligence.

Python1,4851 day ago

Dionaea

A low-interaction honeypot that emulates vulnerable services to capture malware and analyze attacks.

An extensible open-source framework for running, monitoring, and managing honeypots to detect and analyze cyber threats.

Go1,3002 years ago

MHN

A centralized management and data collection server for deploying and monitoring multiple honeypot sensors.

Python2,4641 year ago

Malware Corpora

17 projects

Clean MX

support.clean-mx.com

Contagio

contagiodump.blogspot.com

Javascript Mallware Collection

A collection of nearly 40,000 JavaScript malware samples for security research and analysis.

JavaScript7601 year ago

Malpedia

malpedia.caad.fkie.fraunhofer.de

Malshare

malshare.com

Ragpicker

A plugin-based malware crawler for collecting and pre-analyzing malware samples, useful for antivirus testing and malware analysis.

Python9410 years ago

theZoo

A live malware repository providing encrypted samples and source code for educational malware analysis and research.

Python13,1092 months ago

Tools

19 projects

AbuseHelper

An open-source framework for receiving, processing, and redistributing abuse feeds and threat intelligence.

Python1256 years ago

AlienVault Open Threat Exchange

otx.alienvault.com

Combine

A tool to gather and enrich threat intelligence indicators from publicly available sources into a structured CSV format.

Python6577 years ago

Fileintel

A modular Python tool that collects threat intelligence from multiple sources for files identified by their hash.

Python1235 years ago

Hostintel

A modular Python tool that collects threat intelligence for hosts (IPs, domains, FQDNs) from multiple sources and outputs CSV data.

A Python library and CLI for extracting and refanging defanged Indicators of Compromise (IOCs) from text.

Python5801 year ago

ioc_writer

Python library for creating, editing, and managing OpenIOC objects for threat intelligence indicators.

Python2083 years ago

MalPipe

A modular malware and IOC ingestion framework that collects, enriches, and exports threat intelligence from multiple feeds.

Python1107 years ago

CIFv2

A deprecated threat intelligence platform for collecting, processing, and sharing security indicators.

Perl2308 years ago

MISP

An open-source platform for collecting, storing, sharing, and acting upon cybersecurity threat intelligence and indicators.

An extendable Python tool to extract and aggregate Indicators of Compromise (IOCs) from various threat intelligence feeds.

Python91613 days ago

ThreatTracker

A Python script that monitors and alerts on indicators of compromise (IOCs) using Google Custom Search Engines and Safe Browsing APIs.

Python7111 years ago

TIQ-test

A tool for data visualization and statistical analysis of threat intelligence indicator feeds to measure their quality and effectiveness.

R17810 years ago

Other Resources

32 projects

AutoShun

autoshun.org

Bambenek Consulting Feeds

osint.bambenekconsulting.com

Critical Stack- Free Intel Market

intel.criticalstack.com

Cybercrime tracker

cybercrime-tracker.net

FireEye OpenIOCs

A collection of publicly shared Indicators of Compromise (IOCs) from FireEye for threat intelligence and security research.

A lightweight authenticated publish-subscribe protocol for binary data feeds, commonly used for security data sharing.

Python2182 years ago

Infosec - CERT-PA lists

Internet Storm Center (DShield)

malwaredomainlist.com

MetaDefender Threat Intelligence Feed

opswat.com

OpenIOC

fireeye.com

Proofpoint Threat Intelligence

proofpoint.com

Ransomware overview

docs.google.com

STIX - Structured Threat Information eXpression

stixproject.github.io

CAPEC - Common Attack Pattern Enumeration and Classification

capec.mitre.org

CybOX - Cyber Observables eXpression

cyboxproject.github.io

MAEC - Malware Attribute Enumeration and Characterization

maec.mitre.org

TAXII - Trusted Automated eXchange of Indicator Information

taxiiproject.github.io

A comprehensive collection of Yara rules for malware detection, vulnerability identification, and security analysis.

YARA4,8052 years ago

YETI

A forensics intelligence platform that bridges CTI and DFIR by storing threat intelligence and enabling bulk observable searches and threat-focused analysis.

Python1,99324 days ago

ZeuS Tracker

zeustracker.abuse.ch

Related Awesome Lists

📦

Hacking

The "Awesome Hacking" project is a curated resource list designed for those interested in the field of hacking, which involves exploring and exploiting vulnerabilities in computer systems and networks. This list encompasses a wide range of categories, including penetration testing tools, ethical hacking tutorials, security research papers, and community forums. It serves as a valuable resource for beginners looking to learn the basics of cybersecurity, as well as experienced professionals seeking advanced techniques and tools. Whether you are aiming to enhance your skills or stay updated on the latest security trends, this collection offers a wealth of information to support your hacking journey.

16.1k

📦

Security

The "Awesome Security" project is a curated collection of resources focused on enhancing security practices in the digital realm. This list encompasses a wide range of categories including security tools, libraries, frameworks, tutorials, and best practices for various platforms and technologies. It is designed to benefit security professionals, developers, and system administrators alike, providing valuable insights and tools to safeguard applications and data. Whether you are a beginner looking to understand security fundamentals or an experienced practitioner seeking advanced techniques, this project offers a wealth of information to help you improve your security posture and protect your digital assets.

14.2k

📦

Web Security

The "Awesome Web Security" project is a curated collection of resources focused on the security of web applications and services. Web security encompasses practices and technologies designed to protect websites and online services from cyber threats, vulnerabilities, and attacks. This list includes tools for penetration testing, secure coding practices, frameworks, libraries, and educational materials such as articles and tutorials. It is valuable for developers, security professionals, and researchers who seek to enhance their understanding of web security and implement robust security measures. Users can find essential tools and knowledge to safeguard their web applications effectively and stay ahead of potential threats.

13.2k

📦

CTF

The "Awesome CTF" project is a curated collection of resources focused on Capture The Flag (CTF) competitions, which are events that challenge participants to solve cybersecurity problems and vulnerabilities. This list encompasses a variety of categories including CTF platforms, write-ups, tools, training materials, and community forums, catering to both newcomers and seasoned cybersecurity enthusiasts. Whether you are looking to sharpen your skills, participate in competitions, or learn from past challenges, this repository provides invaluable insights and resources. Dive into the world of CTFs and enhance your cybersecurity prowess with the tools and knowledge available here.

11.4k

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub