ch0ic3/awesome-malware-analysis
1
0
Fork 0
mirror of https://github.com/rshipp/awesome-malware-analysis.git synced 2024-12-18 18:26:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix and remove some links that are likely dead and/or discontinued

Browse Source
This commit is contained in:
Herman Slatman 2017-11-28 20:50:55 +01:00 committed by GitHub
parent 263d44f529
commit 6e896a8e6a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
README.md
View File

@ -166,11 +166,9 @@ A curated list of awesome malware analysis tools and resources. Inspired by
* [malc0de](http://malc0de.com/database/) - Searchable incident database. * [malc0de](http://malc0de.com/database/) - Searchable incident database.
* [Malware Domain List](http://www.malwaredomainlist.com/) - Search and share * [Malware Domain List](http://www.malwaredomainlist.com/) - Search and share
malicious URLs. malicious URLs.
* [Metadefender.com Threat Intelligence Feeds](https://www.metadefender.com/threat-intelligence-feeds) - * [Metadefender Threat Intelligence Feeds](https://metadefender.opswat.com/threat-intelligence-feeds) -
List of the most looked up file hashes from Metadefender.com malware feed. List of the most looked up file hashes from Metadefender malware feed.
* [OpenIOC](http://openioc.org/) - Framework for sharing threat intelligence. * [OpenIOC](https://openioc.org/) - Framework for sharing threat intelligence.
* [Palevo Blocklists](https://palevotracker.abuse.ch/blocklists.php) - Botnet
C&C blocklists.
* [Proofpoint Threat Intelligence](https://www.proofpoint.com/us/products/et-intelligence) - * [Proofpoint Threat Intelligence](https://www.proofpoint.com/us/products/et-intelligence) -
Rulesets and more. (Formerly Emerging Threats.) Rulesets and more. (Formerly Emerging Threats.)
* [Ransomware overview](https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml) - * [Ransomware overview](https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml) -
@ -281,9 +279,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
the configuration settings from common malwares. the configuration settings from common malwares.
* [Malwr](https://malwr.com/) - Free analysis with an online Cuckoo Sandbox * [Malwr](https://malwr.com/) - Free analysis with an online Cuckoo Sandbox
instance. instance.
* [MASTIFF Online](https://mastiff-online.korelogic.com/) - Online static * [Metadefender](https://metadefender.opswat.com/ ) - Scan a file, hash or IP
analysis of malware.
* [Metadefender.com](https://www.metadefender.com) - Scan a file, hash or IP
address for malware (free). address for malware (free).
* [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes * [NetworkTotal](https://www.networktotal.com/index.html) - A service that analyzes
pcap files and facilitates the quick detection of viruses, worms, trojans, and all pcap files and facilitates the quick detection of viruses, worms, trojans, and all
@ -295,8 +291,6 @@ A curated list of awesome malware analysis tools and resources. Inspired by
* [ProcDot](http://www.procdot.com) - A graphical malware analysis tool kit. * [ProcDot](http://www.procdot.com) - A graphical malware analysis tool kit.
* [Recomposer](https://github.com/secretsquirrel/recomposer) - A helper * [Recomposer](https://github.com/secretsquirrel/recomposer) - A helper
script for safely uploading binaries to sandbox sites. script for safely uploading binaries to sandbox sites.
* [Sand droid](http://sanddroid.xjtu.edu.cn/) - Automatic and complete
Android application analysis system.
* [SEE](https://github.com/F-Secure/see) - Sandboxed Execution Environment (SEE) * [SEE](https://github.com/F-Secure/see) - Sandboxed Execution Environment (SEE)
is a framework for building test automation in secured Environments. is a framework for building test automation in secured Environments.
* [SEKOIA Dropper Analysis](https://malware.sekoia.fr/) - Online dropper analysis (Js, VBScript, Microsoft Office, PDF). * [SEKOIA Dropper Analysis](https://malware.sekoia.fr/) - Online dropper analysis (Js, VBScript, Microsoft Office, PDF).
@ -423,8 +417,8 @@ the [browser malware](#browser-malware) section.*
Event Log files from raw binary data. Event Log files from raw binary data.
* [Foremost](http://foremost.sourceforge.net/) - File carving tool designed * [Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force. by the US Air Force.
* [Hachoir](https://bitbucket.org/haypo/hachoir) - A collection of Python * [hachoir3](https://github.com/vstinner/hachoir3) - Hachoir is a Python library
libraries for dealing with binary files. to view and edit a binary stream field by field.
* [Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving * [Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool. tool.
* [SFlock](https://github.com/jbremer/sflock) - Nested archive * [SFlock](https://github.com/jbremer/sflock) - Nested archive
@ -631,7 +625,7 @@ the [browser malware](#browser-malware) section.*
Malware in Memory, built on Volatility. Malware in Memory, built on Volatility.
* [evolve](https://github.com/JamesHabben/evolve) - Web interface for the * [evolve](https://github.com/JamesHabben/evolve) - Web interface for the
Volatility Memory Forensics Framework. Volatility Memory Forensics Framework.
* [FindAES](http://jessekornblum.livejournal.com/269749.html) - Find AES * [FindAES](https://sourceforge.net/projects/findaes/) - Find AES
encryption keys in memory. encryption keys in memory.
* [inVtero.net](https://github.com/ShaneK2/inVtero.net) - High speed memory * [inVtero.net](https://github.com/ShaneK2/inVtero.net) - High speed memory
analysis framework developed in .NET supports all Windows x64, includes analysis framework developed in .NET supports all Windows x64, includes
@ -689,8 +683,6 @@ the [browser malware](#browser-malware) section.*
* [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware * [al-khaser](https://github.com/LordNoteworthy/al-khaser) - A PoC malware
with good intentions that aimes to stress anti-malware systems. with good intentions that aimes to stress anti-malware systems.
* [Binarly](http://www.binar.ly/search) - Search engine for bytes in a large
corpus of malware.
* [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) - * [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP) -
The Defense Cyber Crime Center's Malware Configuration Parser framework. The Defense Cyber Crime Center's Malware Configuration Parser framework.
* [FLARE VM](https://github.com/fireeye/flare-vm) - A fully customizable, * [FLARE VM](https://github.com/fireeye/flare-vm) - A fully customizable,