Fix wrapping, grammar, formatting

Also removed extra Anubis entry
rshipp 2015-09-22 16:56:40 +02:00
parent 6666f2c5b8
commit 34bb94a49a


@ -86,8 +86,10 @@ A curated list of awesome malware analysis tools and resources. Inspired by
trojan leaked in 2011. trojan leaked in 2011.
* [Malshare](http://malshare.com) - Large repository of malware actively * [Malshare](http://malshare.com) - Large repository of malware actively
scrapped from malicious sites. scrapped from malicious sites.
* [VirusShare](http://virusshare.com/) - Malware repository, registration required. * [VirusShare](http://virusshare.com/) - Malware repository, registration
* [ViruSign](http://www.virusign.com/) - Malware database that detected by many anti malware programs except ClamAV. required.
* [ViruSign](http://www.virusign.com/) - Malware database that detected by
many anti malware programs except ClamAV.
## Open Source Threat Intelligence ## Open Source Threat Intelligence
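Review bot: The rewrapped ViruSign entry still reads "Malware database that detected by many anti malware programs except ClamAV", which is missing a verb. Since this commit is the grammar pass, consider "Malware database, detected by many anti-malware programs except ClamAV". The Malshare context line in the same hunk says "scrapped from malicious sites", which should be "scraped".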
@ -121,6 +123,10 @@ A curated list of awesome malware analysis tools and resources. Inspired by
plugin and blocklist. plugin and blocklist.
* [CI Army](http://www.ciarmy.com/) ([list](http://www.ciarmy.com/list/ci-badguys.txt)) - * [CI Army](http://www.ciarmy.com/) ([list](http://www.ciarmy.com/list/ci-badguys.txt)) -
Network security blocklists. Network security blocklists.
* [Critical Stack- Free Intel Market](https://intel.CriticalStack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
* [CRDF ThreatCenter](http://threatcenter.crdf.fr/) - List of new threats detected
by CRDF anti-malware.
* [Emerging Threats](http://www.emergingthreats.net/) - Rulesets and more. * [Emerging Threats](http://www.emergingthreats.net/) - Rulesets and more.
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise * [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye. shared publicly by FireEye.
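Review bot: The two entries added after CI Army are ordered Critical Stack, then CRDF ThreatCenter, but the neighbouring entries (CI Army, Emerging Threats, FireEye IOCs) are alphabetical, so CRDF ThreatCenter should come first. Both added entries also contain a line that runs past 80 columns ("intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators." and the first CRDF line), which undoes the wrapping this commit applies elsewhere, and "Critical Stack- Free Intel Market" is missing the space before the hyphen.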
@ -136,9 +142,6 @@ A curated list of awesome malware analysis tools and resources. Inspired by
C&C blocklists. C&C blocklists.
* [ZeuS Tracker](https://zeustracker.abuse.ch/blocklist.php) - ZeuS * [ZeuS Tracker](https://zeustracker.abuse.ch/blocklist.php) - ZeuS
blocklists. blocklists.
* [Critical Stack- Free Intel Market](https://intel.CriticalStack.com) - Free
intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators.
* [CRDF ThreatCenter](http://threatcenter.crdf.fr/) - List of new threats detected by CRDF anti-malware.
* [Yara rules](https://github.com/Yara-Rules/rules) - Yara rules repository. * [Yara rules](https://github.com/Yara-Rules/rules) - Yara rules repository.
## Detection and Classification ## Detection and Classification
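Review bot: With the two entries moved out, the end of this list is ZeuS Tracker followed by Yara rules, which is out of alphabetical order. Consider moving the Yara rules line above ZeuS Tracker in the same commit so the section is consistently sorted.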
@ -173,20 +176,23 @@ A curated list of awesome malware analysis tools and resources. Inspired by
* [YARA](https://plusvic.github.io/yara/) - Pattern matching tool for * [YARA](https://plusvic.github.io/yara/) - Pattern matching tool for
analysts. analysts.
* [Loki](https://github.com/Neo23x0/Loki) - Host based scanner for IOCs. * [Loki](https://github.com/Neo23x0/Loki) - Host based scanner for IOCs.
* [Yara rules generator](https://github.com/Neo23x0/yarGen) - Generate yara rules based on a set of malware samples. Also contains a good_strings DB to avoid false positives. * [Yara rules generator](https://github.com/Neo23x0/yarGen) - Generate
yara rules based on a set of malware samples. Also contains a good
strings DB to avoid false positives.
## Online Scanners and Sandboxes ## Online Scanners and Sandboxes
*Web-based multi-AV scanners, and malware sandboxes for automated analysis.* *Web-based multi-AV scanners, and malware sandboxes for automated analysis.*
* [Anubis](https://anubis.iseclab.org/) - Malware Analysis for Unknown Binaries and Site Check. * [Anubis](https://anubis.iseclab.org/) - Malware Analysis for Unknown Binaries
and Site Check.
* [AVCaesar](https://avcaesar.malware.lu/) - Malware.lu online scanner and * [AVCaesar](https://avcaesar.malware.lu/) - Malware.lu online scanner and
malware repository. malware repository.
* [Cuckoo Sandbox](http://cuckoosandbox.org/) - Open source, self hosted * [Cuckoo Sandbox](http://cuckoosandbox.org/) - Open source, self hosted
sandbox and automated analysis system. sandbox and automated analysis system.
* [cuckoo-modified](https://github.com/brad-accuvant/cuckoo-modified) - Modified version * [cuckoo-modified](https://github.com/brad-accuvant/cuckoo-modified) - Modified
of Cuckoo Sandbox released under the GPL. Not merged upstream due to legal version of Cuckoo Sandbox released under the GPL. Not merged upstream due to
concerns by the author. legal concerns by the author.
* [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis * [DRAKVUF](https://github.com/tklengyel/drakvuf) - Dynamic malware analysis
system. system.
* [Hybrid Analysis](https://www.hybrid-analysis.com/) - Online malware * [Hybrid Analysis](https://www.hybrid-analysis.com/) - Online malware
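Review bot: In the yarGen entry the rewrap turns "good_strings DB" into "a good strings DB", which changes the wording rather than only the wrapping and now reads ambiguously. If good_strings is the name of the database, keep the underscore and wrap it in backticks so it is rendered literally. The same entry uses "Yara" and "yara" while the entry above it uses "YARA"; pick one spelling.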
@ -198,7 +204,8 @@ A curated list of awesome malware analysis tools and resources. Inspired by
instance. instance.
* [MASTIFF Online](https://mastiff-online.korelogic.com/) - Online static * [MASTIFF Online](https://mastiff-online.korelogic.com/) - Online static
analysis of malware. analysis of malware.
* [Metascan Online](https://www.metascan-online.com/en) - Free file scanning with multiple antivirus engines. * [Metascan Online](https://www.metascan-online.com/en) - Free file scanning
with multiple antivirus engines.
* [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to * [Noriben](https://github.com/Rurik/Noriben) - Uses Sysinternals Procmon to
collect information about malware in a sandboxed environment. collect information about malware in a sandboxed environment.
* [Recomposer](https://github.com/secretsquirrel/recomposer) - A helper * [Recomposer](https://github.com/secretsquirrel/recomposer) - A helper
@ -212,13 +219,14 @@ A curated list of awesome malware analysis tools and resources. Inspired by
*Inspect domains and IP addresses.* *Inspect domains and IP addresses.*
* [Anubis](https://anubis.iseclab.org/) - Malware Analysis for Unknown Binaries and Site Check. * [Desenmascara.me](http://desenmascara.me) - One click tool to retrieve as
* [Desenmascara.me](http://desenmascara.me) - One click tool to retrieve all the metadata as possible for a website and to assess its good standing. much metadata as possible for a website and to assess its good standing.
* [Dig](http://networking.ringofsaturn.com/) - Free online dig and other * [Dig](http://networking.ringofsaturn.com/) - Free online dig and other
network tools. network tools.
* [IPinfo](https://github.com/hiddenillusion/IPinfo) - Gather information * [IPinfo](https://github.com/hiddenillusion/IPinfo) - Gather information
about an IP or domain by searching online resources. about an IP or domain by searching online resources.
* [Sucuri SiteCheck](https://sitecheck.sucuri.net/) - Free Website Malware and Security Scanner. * [Sucuri SiteCheck](https://sitecheck.sucuri.net/) - Free Website Malware
and Security Scanner.
* [TekDefense Automator](http://www.tekdefense.com/automater/) - OSINT tool * [TekDefense Automator](http://www.tekdefense.com/automater/) - OSINT tool
for gatherig information about URLs, IPs, or hashes. for gatherig information about URLs, IPs, or hashes.
* [Whois](http://whois.domaintools.com/) - DomainTools free online whois * [Whois](http://whois.domaintools.com/) - DomainTools free online whois
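Review bot: The TekDefense Automator context line in this hunk still says "for gatherig information", and its link text "Automator" does not match the "automater" in its URL. Both are worth fixing in a grammar and formatting pass that already touches this section.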