fireeye/FIDL
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Language: Python
#api #decompiler #ida #malware #research #reversing #vulnerability
Stars: 105 Issues: 0 Forks: 15
https://github.com/fireeye/FIDL

alphaSeclab/awesome-rat
Open source RAT collection, and RAT analysis blog/video collection.
#malware_analysis #rat #rat_analysis #rat_malware #remote_access_tool #remote_administration_tool
Stars: 110 Issues: 0 Forks: 29
https://github.com/alphaSeclab/awesome-rat

vaib25vicky/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools are belong to their respective owners. I'm just maintaining it.
#android #android_security #awesome #awesome_list #bugbounty #hacking #hacking_tools #ios #ios_security #malware #malware_research #mobile #mobile_security #pentesting #redteam #resources #reverse_engineering #security_tools
Stars: 110 Issues: 0 Forks: 11
https://github.com/vaib25vicky/awesome-mobile-security

JPCERTCC/EmoCheck
Emotet detection tool for Windows OS
Language: C++
#emotet #malware_detection #security
Stars: 127 Issues: 3 Forks: 17
https://github.com/JPCERTCC/EmoCheck

0xsha/sweetie-data
This repo contains logstash of various honeypots
#data_science #dataset #honeypot #logstash #malware_research #samples #threat_intelligence #threat_modeling #threatintel
Stars: 118 Issues: 0 Forks: 9
https://github.com/0xsha/sweetie-data

vxunderground/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
Language: Assembly
#malware #malware_detection #malware_development #malware_research
Stars: 96 Issues: 0 Forks: 15
https://github.com/vxunderground/MalwareSourceCode

vxunderground/VXUG-Papers
Research code & papers from members of vx-underground.
Language: Go
#malware #malware_development #malware_research
Stars: 80 Issues: 0 Forks: 9
https://github.com/vxunderground/VXUG-Papers

redcode-labs/Neurax
A library for constructing self-spreading binaries
Language: Go
#golang #malware #self_spreading #worm
Stars: 240 Issues: 0 Forks: 16
https://github.com/redcode-labs/Neurax

vxunderground/WinAPI-Tricks
Collection of various WINAPI tricks / features used or abused by Malware
Language: C
#c #cpp #malware #malware_analysis #windows
Stars: 136 Issues: 0 Forks: 9
https://github.com/vxunderground/WinAPI-Tricks

hasherezade/transacted_hollowing
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
Language: C
#pefile #malware #code_injection #pe_injector
Stars: 142 Issues: 0 Forks: 16
https://github.com/hasherezade/transacted_hollowing

mrexodia/dumpulator
An easy-to-use library for emulating code in minidump files.
Language: Python
#cross_platform #easy_to_use #emulator #malware_analysis #malware_analyzer #malware_research #minidump #python #python3 #sandbox #unicorn #x64
Stars: 90 Issues: 0 Forks: 5
https://github.com/mrexodia/dumpulator

kleiton0x00/Shelltropy
A technique of hiding malicious shellcode via Shannon encoding.
Language: Assembly
#encoding #malware #malware_analysis #malware_development #obfuscate #obfuscation
Stars: 83 Issues: 0 Forks: 8
https://github.com/kleiton0x00/Shelltropy

MalwareApiLib/MalwareApiLibrary
collection of apis used in malware development
Language: C
#api #development #engineering #library #malware
Stars: 132 Issues: 0 Forks: 16
https://github.com/MalwareApiLib/MalwareApiLibrary

evilsocket/sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
Language: Rust
#malware #scanner #signature #signatures #virus #yara
Stars: 111 Issues: 0 Forks: 3
https://github.com/evilsocket/sauron

fr0gger/IATelligence
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
Language: Python
#gpt_3 #malware_analysis #python
Stars: 176 Issues: 0 Forks: 12
https://github.com/fr0gger/IATelligence

siriusdeveloper/sirius-crypter
Telegram: @siriusdeveloper
Language: C#
#aes_encryption #crypter #crypter_defender #crypter_fud #malware #obfuscation #protector #runpe #xor_crypter
Stars: 341 Issues: 0 Forks: 1
https://github.com/siriusdeveloper/sirius-crypter

Cr4sh/SmmBackdoorNg
Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks
Language: C
#backdoor #boot #exploit #firmware #intel #malware #smm #uefi
Stars: 118 Issues: 0 Forks: 18
https://github.com/Cr4sh/SmmBackdoorNg

BlackSnufkin/NovaLdr
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
Language: Rust
#malware_development #offensive_security #redteam #rust #shellcode_injection
Stars: 143 Issues: 0 Forks: 19
https://github.com/BlackSnufkin/NovaLdr

DevxStudio/Phoenix-Clipper-Malware
💸 Hiden Clipper + Auto-Run + Hiden Installer + ByPass Antiviruses, wallets in clipboard (btc,bch,eth,xmr,xrp,xlm,nec,ltc,doge,dash,trx,zcash,bnb...)
Language: C#
#bitcoin #clipper #erc20 #ethereum #keylogger #malware #rat #scam #stealer #substitution #trc20 #tron #virus
Stars: 261 Issues: 0 Forks: 0
https://github.com/DevxStudio/Phoenix-Clipper-Malware

vasiliev640/Shadow-ClipperMalvare
Hiden Clipper Keyzetsu + Auto-Run + Hiden Installer + ByPass Antiviruses, wallets in clipboard (btc,bch,eth,ton,xmr,xrp,xlm,nec,ltc,doge,dash,trx,zcash,bnb,ton...)
#bitcoin #bitcoin_malware #clippboard_malware #clippboard_wallets #clipper #erc20 #ethereum #keylogger #keyzetsu #malware #rat #scam #stealer #substitution_wallets #ton #toncoin #trc20 #tron #virus #windows
Stars: 409 Issues: 0 Forks: 0
https://github.com/vasiliev640/Shadow-ClipperMalvare