A curated list of awesome malware analysis tools and resources. Awesome Malware Analysis. A curated list of awesome malware analysis tools and resources. Hmily Keypatch is a IDA Pro plugin for Keystone Assembler Engine http. Run the perl script to create the m3u file. The fill will be filled with 10000 As x41 is the hexadecimal representation of A and open this m3u file with Easy RM. NOTEIf you have sugesstionsreport bugs, please email meWant to code at StudPe Contact meDo you have some PE signatures and you want to enhance StudPEs. SmartPCFixer is a fully featured and easytouse system optimization suite. With it, you can clean windows registry, remove cache files, fix errors, defrag disk. WHGmxt6_s/UkPSHlpvb8I/AAAAAAAACVc/A2Rp4j-PEPY/s1600/OllyDbg_10.png' alt='Ollydbg Patch Plugin' title='Ollydbg Patch Plugin' />Inspired by. Malware Collection. Anonymizers. Web traffic anonymizers for analysts. Anonymouse. org A free, web based anonymizer. Open. VPN VPN software and hosting solutions. Privoxy An open source proxy server with some. Tor The Onion Router, for browsing the web. IP. Honeypots. Trap and collect your own samples. Conpot ICSSCADA honeypot. Cowrie SSH honeypot, based. Kippo. Demo. Hunter Low interaction Distributed Honeypots. Dionaea Honeypot designed to trap malware. Glastopf Web application honeypot. Honeyd Create a virtual honeynet. Honey. Drive Honeypot bundle Linux distro. Mnemosyne A normalizer for. Dionaea. Thug Low interaction honeyclient, for. Malware Corpora. Malware samples collected for analysis. B.png.90505d5abdcbbf35f8e0df2942de7082.png' alt='Ollydbg Patch Plugin' title='Ollydbg Patch Plugin' />Clean MX Realtime. Contagio A collection of recent. Exploit Database Exploit and shellcode. Malshare Large repository of malware actively. New New Paul Mccartney'>New New Paul Mccartney. Malware. DB Malware samples repository. Open Malware Project Sample information and. Formerly Offensive Computing. Ragpicker Plugin based malware. Zoo Live malware samples for. Tracker h. 3x Agregator for malware corpus tracker. Viru. Sign Malware database that detected by. Clam. AV. Virus. Share Malware repository, registration. VX Vault Active collection of malware samples. Zeltsers Sources A list. Lenny Zeltser. Zeus Source Code Source for the Zeus. Ollydbg Patch Plugin' title='Ollydbg Patch Plugin' />Open Source Threat Intelligence. Tools. Harvest and analyze IOCs. Abuse. Helper An open source. Alien. Vault Open Threat Exchange Share and. Threat Intelligence. Combine Tool to gather Threat. Intelligence indicators from publicly available sources. Fileintel Pull intelligence per file hash. Hostintel Pull intelligence per host. Intel. MQ. A tool for CERTs for processing incident data using a message queue. IOC Editor. A free editor for XML IOC files. Awesomemalwareanalysis A curated list of awesome malware analysis tools and resources. Usage Statistics for communitygaze. Summary Period May 2016 Search String Generated 08Oct2017 0208 PDT. Exploit, VB. Net, VB6, CCSharp, Borland Delphi, Java, VBScript, CC, JavaScript, Visual Basic. NET, Ruby, Python, CSS, PHP, HTML, Pascal, Fortran, SQL, Perl. This blog is all about cracking GSM programs. Available tutorials for cracking and unpacking programs. Python library for. Open. IOC objects, from Mandiant. Massive Octo Spice. Previously known as CIF Collective Intelligence Framework. Aggregates IOCs. from various lists. Curated by the. CSIRT Gadgets Foundation. MISP Malware Information Sharing. Platform curated by The MISP Project. Pulsedive Free, community driven threat intelligence platform collecting IOCs from open source feeds. Py. IOCe A Python Open. IOC editor. Risk. IQ Research, connect, tag and. IPs and domains. Was Passive. Total. threataggregator. Aggregates security threats from a number of sources, including some of. Threat. Crowd A search engine for threats. Threat. Tracker A Python. IOCs indexed by a set of. Google Custom Search Engines. TIQ test Data visualization. Threat Intelligence feeds. Other Resources. Threat intelligence and IOC resources. Autoshun list. Snort plugin and blocklist. Bambenek Consulting Feeds. OSINT feeds based on malicious DGA algorithms. Fidelis Barncat. Extensive malware config database must request access. CI Army list. Network security blocklists. Critical Stack Free Intel Market Free. M indicators. Cybercrime tracker Multiple botnet active tracker. Fire. Eye IOCs Indicators of Compromise. Fire. Eye. Fire. HOL IP Lists Analytics for 3. IP lists. with a focus on attacks, malware and abuse. Evolution, Changes History. Country Maps, Age of IPs listed, Retention Policy, Overlaps. Honeypot feed protocol. Internet Storm Center DShield Diary and. API. unofficial Python library. Searchable incident database. Malware Domain List Search and share. URLs. Metadefender Threat Intelligence Feeds. List of the most looked up file hashes from Metadefender malware feed. Open. IOC Framework for sharing threat intelligence. Proofpoint Threat Intelligence. Rulesets and more. Formerly Emerging Threats. Ransomware overview. A list of ransomware overview with details, detection and prevention. STIX Structured Threat Information e. Xpression. Standardized language to represent and share cyber threat information. Related efforts from MITRE. Threat. Miner Data mining portal for threat. RECON Search for indicators, up to 1. Yara rules Yara rules repository. Zeu. S Tracker Zeu. S. blocklists. Detection and Classification. Antivirus and other malware identification tools. Analyze. PE Wrapper for a. Windows PE files. Assemblyline A scalable. Free Program Mafia 2 Melee Weapons Mod. Binary. Alert An open source, serverless. AWS pipeline that scans and alerts on uploaded files based on a set of. YARA rules. chkrootkit Local Linux rootkit detection. Clam. AV Open source antivirus engine. Detect It Easy A program for. Exif. Tool Read, write and. File Scanning Framework. Modular, recursive file scanning solution. Compute digest hashes with. Loki Host based scanner for IOCs. Malfunction Catalog and. MASTIFF Static analysis. Multi. Scanner Modular file. A tool for looking. NISTs National Software Reference Library database. A cross platform. Python alternative to PEi. D. PEV A multiplatform toolkit to work with PE. Rootkit Hunter Detect Linux rootkits. Compute fuzzy hashes. Python script for easy searching of the Total. Hash. cymru. com. Tr. ID File identifier. YARA Pattern matching tool for. Yara rules generator Generate. Also contains a good. DB to avoid false positives. Online Scanners and Sandboxes. Web based multi AV scanners, and malware sandboxes for automated analysis. Online sandbox. Andro. Total Free online analysis of APKs. AVCaesar Malware. Cryptam Analyze suspicious office documents. Cuckoo Sandbox Open source, self hosted. Modified. version of Cuckoo Sandbox released under the GPL. Not merged upstream due to. A. Python API used to control a cuckoo modified sandbox. Deep. Viz Multi format file analyzer with. A sandbox developed to do. Linux malwares and capturing IOCs. DRAKVUF Dynamic malware analysis. Unpacks, scans and analyzes almost any. Habo. Mal. Hunter An Automated Malware. Analysis Tool for Linux ELF Files. Hybrid Analysis Online malware. Vx. Sandbox. Intezer Detect, analyze, and categorize malware by. IRMA An asynchronous and customizable. Joe Sandbox Deep malware analysis with Joe Sandbox. Jotti Free online multi AV scanner. Limon Sandbox for Analyzing Linux Malware. Malheur Automatic sandboxed analysis. A Python RESTful API framework for. URL analysis services. Malware config Extract, decode and display online. Malwr Free analysis with an online Cuckoo Sandbox. Metadefender Scan a file, hash or IP. Network. Total A service that analyzes. Suricata configured with Emerging. Threats Pro. Noriben Uses Sysinternals Procmon to. Packet. Total Packet. Total is an online engine for analyzing. PDF Examiner Analyse suspicious PDF files. Proc. Dot A graphical malware analysis tool kit. Recomposer A helper. SEE Sandboxed Execution Environment SEE. Environments. SEKOIA Dropper Analysis Online dropper analysis Js, VBScript, Microsoft Office, PDF. Virus. Total Free online analysis of malware. URLs. VisualizeLogs Open source. Cuckoo, Procmon, more. Zeltsers List Free. Lenny Zeltser. Domain Analysis. Inspect domains and IP addresses. Community based IP blacklist service. A tool designed. for consistent and safe capture of off network web resources. Cymon Threat intelligence tracker, with IPdomainhash. Desenmascara. me One click tool to retrieve as. Dig Free online dig and other. Domain name permutation. IPinfo Gather information. IP or domain by searching online resources. Machinae OSINT tool for. URLs, IPs, or hashes. Similar to Automator.