UNIX-like reverse engineering framework and command-line toolset
Updated May 27, 2024 - C
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
State-of-the-art native debugging tool
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
The PE file analysis toolkit
A Tool for Automatic Analysis of Malware Behavior
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Awesome CSIRT is a curated list of links and resources for security and CSIRT daily activities.
This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.
Kernel-mode driver that loads a DLL into every newly created process that loads the kernel32.dll module
Dynamic unpacker based on PE-sieve
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
Cybersecurity research results. Simple C/C++ and Python implementations
Malware Analysis, Threat Intelligence and Reverse Engineering: LABS
Reverse Engineering tools
A tool that pulls loaded binaries ordered by memory regions
This repository is a hands-on tutorial which aims at going through dissection and analysis of arbitrary binaries.
Thanatos.