Search Results for "malware-samples"
Sort By:
Showing 76 open source projects for "malware-samples"
View related business solutions-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
2
YARA
The pattern matching swiss knife for malware researchers
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determines its logic. YARA is multi-platform, running on Windows, Linux and Mac OS X, and can be used through its command-line interface or from your own Python scripts with the yara-python extension. ... -
3
ClamAV
Antivirus engine for detecting trojans, viruses and malware
ClamAV is an open-source antivirus engine developed by Cisco Talos that provides cross-platform malware detection for servers, desktops, and mail systems. Originally designed for Unix environments and email security, it has evolved into a flexible antimalware toolkit capable of identifying millions of viruses, worms, trojans, and other threats. The software includes a command-line scanner, an automatically updating signature database, and a scalable multi-threaded daemon that enables high-performance scanning in production environments. ... -
4
uBlock Origin
An efficient blocker for Chromium and Firefox
...Fast, potent, and lean. uBlock Origin is not an "ad blocker", it is a wide-spectrum blocker, which happens to be able to function as a mere "ad blocker". The default behavior of uBlock Origin, when newly installed, is to block ads, trackers and malware sites through EasyList, EasyPrivacy, Peter Lowe’s ad/tracking/malware servers, Online Malicious URL Blocklist, and uBlock Origin's own filter lists. uBlock Origin (or uBlock₀) is not an ad blocker; it's a general-purpose blocker. uBlock Origin blocks ads through its support of the Adblock Plus filter syntax. uBlock Origin extends the syntax and is designed to work with custom rules and filters. ... -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
Ghidra
Ghidra is a software reverse engineering (SRE) framework
...It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
6
Santa
A binary authorization system for macOS
...Santa is made up of a kernel extension (or a system extension on macOS 10.15+) that monitors and participates in execve() decisions, a userland daemon that makes the execution decisions, a GUI agent that shows notifications when an execve() is blocked, and a command-line utility that oversees system management and the synchronization of database and server. Santa is built to help protect users by stopping the spread of malware and analyzing what's running on a computer, but is by no means a total security system. Ideally Santa works as a part of a defense-in-depth strategy, and other measures should be in place to protect hosts. -
7
DNS Blocklists
For a better internet - keep the internet clean
...The project offers multiple tiers of blocklists, ranging from lightweight filtering to aggressive protection, allowing users to choose the level of blocking that best fits their needs. It targets a wide range of online threats and nuisances, including advertisements, trackers, malware, phishing domains, scam websites, and cryptojacking services. The lists are built from multiple data sources and are carefully optimized to minimize false positives while maintaining high effectiveness. They are compatible with a variety of DNS-based filtering tools such as Pi-hole, AdGuard, and DNSMasq, making them easy to integrate into different environments. ... -
8
SSH-MITM
Server for security audits supporting public key authentication
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. ... -
9
Blokada Apps
Repo for Blokada apps
...Protect multiple devices from ads and tracking, and manage your preferences in one place. Enjoy zero battery drain, no noticeable slowdowns, and highly reliable adblocking. If you want to efficiently block ads, trackers, malware, save on your data plan, speed up your device and protect your privacy with just one application, then Blokada is for you. It is free, secure and open source. For ultimate privacy protection, upgrade to Blokada Plus and connect through our VPN. Available in both Blokada 6 and Blokada 5. We use WireGuard®, the most advanced VPN protocol, to encrypt your network activity and hide your IP address. -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
10
IntelOwl
Centralized platform for automated threat intelligence analysis
...These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
11
Portmaster
Block Mass Surveillance
Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block... -
12
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. DiE supports a large variety of file formats — from common executables (Windows PE, Linux ELF, macOS Mach-O) to archives, mobile packages (APK, IPA), legacy binaries, compressed or packed files, and more — making it a versatile first step in analysis or triage workflows. ... -
13
Zen Linux
Simple, free and efficient ad-blocker and privacy guard
Zen is an open-source system-wide ad-blocker and privacy guard for Windows, macOS, and Linux. It works by setting up a proxy that intercepts HTTP requests from all applications and blocks those serving ads, tracking scripts that monitor your behavior, malware, and other unwanted content. By operating at the system level, Zen can protect against threats that browser extensions cannot, such as trackers embedded in desktop applications and operating system components. Zen comes with many pre-installed filters but also allows you to easily add host files and EasyList-style filters, enabling you to tailor your protection to your specific needs. -
14
Web-Check
All-in-one OSINT tool for analysing any website
Comprehensive, on-demand open source intelligence for any website. Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using. Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance,... -
15
hdom_access
receive an email when a file is accessed or modified on linux-unix
receive an email or done a command when a file is accessed or modified or renamed or erased on linux, watch your files access, secure your workstation against viruses and ransomware -
16
A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
-
17
Anya
A malware analysis platform built in Rust
Anya is a privacy-first static malware analysis tool for Windows, Linux, and macOS. It combines PE, ELF, and Mach-O binary analysis with MITRE ATT&CK mapping, confidence-based risk scoring, and plain-English explanations. All offline, with zero network calls. Built for analysts and students alike, it ships as both a CLI and a desktop GUI. -
18
url-checker-php-sdk
Official PHP SDK for the EmailVeritas URL Checker API
The EmailVeritas URL Checker PHP SDK provides real-time phishing and malicious link detection through the official EmailVeritas API. It enables developers to classify and analyze URLs directly from PHP applications using simple methods for URL Lookup and URL Scan. Lightweight and dependency-free, the SDK performs redirect-chain, WHOIS, and HTML metadata analysis. Composer support makes integration seamless with PSR-4 autoloading. Ideal for CRMs, contact forms, and security... -
19
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
20
phpMussel
PHP-based anti-virus anti-trojan anti-malware solution.
...Einem PHP-Script, um Trojaner, Viren, Malware und andere Bedrohungen in Dateien zu entdecken, die auf Ihr System hochgeladen werden könnten, welches die Signaturen von ClamAV und weitere nutzt. Uno PHP script progettato per la rilevazione di trojan, virus, malware e altre minacce all'interno di file caricati nel sistema ovunque lo script è collegato, basato su firme di ClamAV e altri. -
21
messor-opencart
Messor Security - IPS/WAF anti DDOS/bot and more for OpenCart3
Messor Free open source extension for OpenCart to protect your store. Each network member collects intruders and attacks data and then sends it to central servers, as well as distributes the current database to the rest network participants. The current concept provides real-time protection of your store from the network attacks. -
22
pyWhat
Identify emails, IP addresses, and more
...Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing malware samples, network captures, or code repositories at scale. It offers powerful filters called “tags” and distributions that let you narrow results to specific categories like bug bounties, cryptocurrencies, or AWS-related artifacts. For automation and integration, pyWhat provides a CLI with options for rarity filtering, sorting, and JSON export, as well as an API that can be imported into other Python programs. -
23
PyExfil
A Python Package for Data Exfiltration
...In my eyes it’s still a messy PoC that needs a lot more work and testing to become stable. The purpose of PyExfil is to set as many exfiltrations, and now also communication, techniques that CAN be used by various threat actors/malware around to bypass various detection and mitigation tools and techniques. You can track changes at the official GitHub page. Putting it simply, it’s meant to be used as a testing tool rather than an actual Red Teaming tool. Although most techniques and methods should be easily ported and compiled to various operating systems, some stable some experimental, the transmission mechanism should be stable on all techniques. ... -
24
FinalCrypt
FinalCrypt - Unbreakable One-Time Pad Encryption
Why FinalCrypt? 1. Most people choose Disk-Encryption as it's easier to unlock a whole drive, but Big-Brother or Malware can then also read all your files. Only use File-Encryption! 2. Most software uses recently broken AES encryption. 3. Soon The Shor's algorithm will instantly break all assymmetric encryption with Quantum Computers. 4. FinalCrypt uses Symmetric One Time Pad Encryption, which is the most unbreakable encryption there is. 5. -
25
Abdal AES Encryption
AES Message Encryption Tool
Abdal AES Encryption is a security tool for encrypting messages developed by the Abdal team. This tool uses AES encryption and has high power. AES stands for Advanced Encryption Standard, which was developed in 2001 by the US National Institute of Technology and Standards. The advanced encryption standard is accepted by the US government and is now used worldwide. This encryption algorithm replaces the Data Encryption Standard (DES) published in 1977.
