Open-source projects categorized as Malware

Top 23 Malware Open-Source Projects

  • GitHub repo hosts

    🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

    Project mention: Jumping ship to debian | reddit.com/r/debian | 2021-05-11

    If you don't want the full Pi-Hole, you could just use one of StevenBlack's hosts files. https://github.com/StevenBlack/hosts

  • GitHub repo wifiphisher

    The Rogue Access Point Framework

    Project mention: Create a Wi-Fi hotspot for data interception | reddit.com/r/Hacking_Tutorials | 2021-02-10

    You could do almost the same thing with this https://github.com/wifiphisher/wifiphisher, it's a great tool to clone a wifi asking you the password while disauth the original hotspot.


    Learn ethical hacking. Learn about reconnaissance, windows/linux hacking, attacking web technologies, and pen testing wireless networks. Resources for learning malware analysis and reverse engineering.

    Project mention: 🔰 PENTESTING-BIBLE: Learn about ethical hacking, reconnaissance, Windows and Linux hacking, and wireless network #pentesting | reddit.com/r/u_esgeeks | 2021-04-06
  • GitHub repo theZoo

    A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

    Project mention: Incident response consultant AMA | reddit.com/r/netsecstudents | 2021-04-16
  • GitHub repo volatility

    An advanced memory forensics framework

    Project mention: Infected Windows 10 Memory Dumps | reddit.com/r/computerforensics | 2021-03-15
  • GitHub repo MalwareSourceCode

    Collection of malware source code for a variety of platforms in an array of different programming languages.

    Project mention: Interview with smelly__vx, founder of vxunderground specially for Russian OSINT | reddit.com/r/u_russian_osint | 2021-04-01

    Russian OSINT: Are you planning to upload lockers (ransomware samples) on your website?

    smelly__vx: We have thousands of ransomware samples on the website. Example: https://vxug.fakedoma.in/samples/Block.0000.txt has 52 samples. We also have some ransomware source codes on GitHub: https://github.com/vxunderground/MalwareSourceCode/tree/main/Python

  • GitHub repo Reverse-Engineering-Tutorial

    A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

    Project mention: mytechnotalent/Reverse-Engineering - A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures | reddit.com/r/bag_o_news | 2021-04-03
  • GitHub repo maltrail

    Malicious traffic detection system

    Project mention: How do you run self-hosted software? | reddit.com/r/selfhosted | 2021-02-15

    Last Docker discovery: maltrail (https://github.com/stamparm/maltrail, about to be moved from VM to Docker)

  • GitHub repo simplify

    Android virtual machine and deobfuscator

  • GitHub repo pwndbg

    Exploit Development and Reverse Engineering with GDB Made Easy

    Project mention: Trouble downloading pwndbg | reddit.com/r/LiveOverflow | 2021-05-05
  • GitHub repo al-khaser

    Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

    Project mention: VM Detection Tricks, Part 2: Driver Thread Fingerprinting | reddit.com/r/netsec | 2021-03-13

    Check out al-khaser on GitHub for a tool that implements dozens of VM detection tricks.

  • GitHub repo qiling

    Qiling Advanced Binary Emulation Framework

    Project mention: How to perform full MIPS system emulation with QEMU, using the squashfs image and uBoot kernel image extracted from a router firmware? | reddit.com/r/LiveOverflow | 2021-04-21
  • GitHub repo nginx-ultimate-bad-bot-blocker

    Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

    Project mention: website with ad code? | reddit.com/r/sysadmin | 2021-02-02
  • GitHub repo pafish

    Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.

    Project mention: [Hide VM saga] PAFish checks | reddit.com/r/VFIO | 2021-04-01

    But I'm still unable to bypass some Pafish checks:

  • GitHub repo blocklist-ipsets

    ipsets dynamically updated with firehol's update-ipsets.sh script

    Project mention: Blocking Singapore causes Palo Alto updates to fail, and blocks access to support.paloaltonetworks.com | reddit.com/r/paloaltonetworks | 2021-04-23
  • GitHub repo block

    Let's make an annoyance free, better open internet, altogether!

    Project mention: Weekly Observations: What signs of collapse do you see in your region? [in-depth] | reddit.com/r/collapse | 2021-05-11

    I disable antivirus software because they slow down the computer, but I use an openwrt router with firehol (ip blocker) and energized.pro (on adguardhome dns blocker), and geo firewall (blocks all countries except a few) and change my user agent to show a different OS. My uBlock origin does the rest when navigating web, but most of the time the DNS / IP of an ad can't even be reached

  • GitHub repo malwoverview

    Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox and it is able to scan Android devices against VT and HA.

    Project mention: Malwoverview 4.3: support for Malware Bazaar and ThreatFox has been included | reddit.com/r/purpleteamsec | 2021-03-10
  • GitHub repo EvilClippy

    A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

    Project mention: Unviewable+ does not make VBA code unviewable | reddit.com/r/vba | 2021-04-25

    Use EvilClippy to unhide the module.

  • GitHub repo hacking-resources

    Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

    Project mention: Good cyber security youtube channels | reddit.com/r/cybersecurity | 2021-05-01


  • GitHub repo data

    APTnotes data (by aptnotes)

    Project mention: Should we care about this Russian hack? | reddit.com/r/Anarchism | 2020-12-22
  • GitHub repo malware-ioc

    Indicators of Compromises (IOC) of our various investigations

    Project mention: This Linux malware is hijacking supercomputers across the globe | reddit.com/r/hacking | 2021-02-03


  • GitHub repo malware-samples

    A collection of malware samples caught by several honeypots I manage

    Project mention: Cylance not detecting EICAR ... RLY BB? | reddit.com/r/Cylance | 2021-02-09

    This is the sample I used: https://github.com/fabrimagic72/malware-samples/tree/master/Ransomware/Petya. Again, keep in mind it failed under a VirtualBox VM running on OSX. The Windows ISO used was W10_20H2_v2_International_32bit from https://tb.rg-adguard.net/public.php. I have thus far been unable to replicate this on a W10 machine, but I stay away from VirtualBox as I like VMWare much more.

  • GitHub repo Neurax

    A framework for constructing self-spreading binaries

    Project mention: Show HN: Neurax – A framework for constructing self-spreading binaries | news.ycombinator.com | 2021-02-17
NOTE: The open-source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2021-05-11.


What are some of the best open-source Malware projects? This list will help you:

Rank Project Stars
1 hosts 17,912
2 wifiphisher 9,797
4 theZoo 7,040
5 volatility 4,512
6 MalwareSourceCode 4,503
7 Reverse-Engineering-Tutorial 4,475
8 maltrail 4,014
9 simplify 3,684
10 pwndbg 3,649
11 al-khaser 2,986
12 qiling 2,346
13 nginx-ultimate-bad-bot-blocker 2,042
14 pafish 1,813
15 blocklist-ipsets 1,781
16 block 1,541
17 malwoverview 1,393
18 EvilClippy 1,299
19 hacking-resources 1,189
20 data 1,153
21 malware-ioc 985
22 malware-samples 903
23 Neurax 771