Top 23 Malware Open-Source Projects

hosts

306 25,463 9.5 Python

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

Project mention: Does PiHole block porn? | /r/pihole | 2023-12-06

Not by default but a blocklist can be found here https://github.com/StevenBlack/hosts

MalwareSourceCode

29 15,103 5.6 Assembly

Collection of malware source code for a variety of platforms in an array of different programming languages.

Project mention: Datasets for Malware Identification | /r/cybersecurity | 2023-07-11

Not sure if this fits your description but worth a shot in the dark.

InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Awesome-Hacking-Resources

5 14,677 0.0

A collection of hacking / penetration testing resources to make you better!
wifiphisher

5 12,689 1.3 Python

The Rogue Access Point Framework
theZoo

64 10,688 2.8 Python

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Project mention: TheZoo a.k.a. Malware DB | news.ycombinator.com | 2023-08-18

Reverse-Engineering-Tutorial

17 9,973 8.5 Assembly

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

Project mention: New embedded and Rust hacking tutorials added - For anyone that missed my last post. Kevin Thomas is my mentor. We are both working together to bring free and low cost resources to those who are looking to learn and don't have money for expensive bootcamps/certs. Please enjoy his free tutorials! | /r/ReverseEngineering | 2023-10-27

TheFatRat

8 8,911 0.0 C

Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
volatility

18 6,928 0.0 Python

An advanced memory forensics framework

Project mention: What is the appropriate uncompressed kernel ELF to use with dwarf2json? [ 5.19.0-42-generic #43~22.04.1-Ubuntu ], in order to create generate a custom symbols table to conduct linux memory forensics on Ubuntu 22.04? | /r/computerforensics | 2023-05-28

I need this to create generate a custom symbols table (using dwarf2json), in order to run a memory dump acquired by Ubuntu 22.04, as Ubuntu 22.04 kernel does not work anymore with volatility 2 (Issue here: volatilityfoundation/volatility#828)

pyWhat

16 6,352 0.0 Python

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
maltrail

5 5,749 10.0 Python

Malicious traffic detection system

Project mention: Maltrail: Malicious traffic detection system | /r/selfhosted | 2023-07-05

I just wanted to tell you about Maltrail (https://github.com/stamparm/maltrail/).

al-khaser

5 5,521 5.7 C++

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
qiling

10 4,834 6.2 Python

A True Instrumentable Binary Emulation Framework

Project mention: Qiling: A True Instrumentable Binary Emulation Framework | news.ycombinator.com | 2024-04-01

simplify

0 4,367 0.0 Java

Android virtual machine and deobfuscator
dns-blocklists

82 3,889 8.5 Text

DNS-Blocklists: For a better internet - keep the internet clean!

Project mention: Runs on your OpenWrt box: AdGuard Home is network-wide blocking ads and tracking | news.ycombinator.com | 2024-02-06

Hagezi blocklists are the current standard now: https://github.com/hagezi/dns-blocklists
You could go for one of the Lite blocklists for the network wide, family friendly (non-breaking) list.

nginx-ultimate-bad-bot-blocker

11 3,667 9.8 Shell

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

Project mention: Nginx Bad Bot and User-Agent Blocker | news.ycombinator.com | 2024-03-07

flare-floss

4 3,016 9.3 Python

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
pafish

17 2,996 5.5 C

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

Project mention: Is there still a way to counter virtual machine detection by popular anti cheat? | /r/VFIO | 2023-12-05

Pafish is what you asking for, but as u/ForceBlade wrote, you cannot win this game.

blocklist-ipsets

39 2,949 2.7 Shell

ipsets dynamically updated with firehol's update-ipsets.sh script
malwoverview

3 2,725 6.7 Python

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
block

95 2,444 0.0 Shell

Let's make an annoyance free, better open internet, altogether!
volatility3

7 2,207 9.4 Python

Volatility 3.0 development
APT_REPORT

4 2,175 9.0 Python

Interesting APT Report Collection And Some Special IOC
EvilClippy

2 2,049 0.0 C#

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
SaaSHub

www.saashub.com sponsored

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Malware related posts

Hell's Gate [pdf]
1 project | news.ycombinator.com | 9 Apr 2024
Qiling: A True Instrumentable Binary Emulation Framework
1 project | news.ycombinator.com | 1 Apr 2024
Ledger's NPM account has been hacked
8 projects | news.ycombinator.com | 14 Dec 2023
Does PiHole block porn?
2 projects | /r/pihole | 6 Dec 2023
Steven Black DNS blocklist blocked gstatic.com
2 projects | news.ycombinator.com | 6 Dec 2023
Is there still a way to counter virtual machine detection by popular anti cheat?
1 project | /r/VFIO | 5 Dec 2023
Rust Without Crates.io
5 projects | news.ycombinator.com | 14 Nov 2023
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024

SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source Malware projects? This list will help you:

	Project	Stars
1	hosts	25,463
2	MalwareSourceCode	15,103
3	Awesome-Hacking-Resources	14,677
4	wifiphisher	12,689
5	theZoo	10,688
6	Reverse-Engineering-Tutorial	9,973
7	TheFatRat	8,911
8	volatility	6,928
9	pyWhat	6,352
10	maltrail	5,749
11	al-khaser	5,521
12	qiling	4,834
13	simplify	4,367
14	dns-blocklists	3,889
15	nginx-ultimate-bad-bot-blocker	3,667
16	flare-floss	3,016
17	pafish	2,996
18	blocklist-ipsets	2,949
19	malwoverview	2,725
20	block	2,444
21	volatility3	2,207
22	APT_REPORT	2,175
23	EvilClippy	2,049