SaaSHub helps you find the best software and product alternatives Learn more โ
Top 23 Malware Open-Source Projects
-
hosts
๐ Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Why use NextDNS when you can use a lightweight, native solution[1]? Sorry if this sounds condescending but I need less services and not more.
[1]: https://github.com/StevenBlack/hosts
-
InfluxDB
InfluxDB โ Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
Project mention: Source Code of $3k-a-Month macOS Malware 'Banshee Stealer' Leaked | news.ycombinator.com | 2024-12-01So let me get this straight. The malware source code was uploaded to github for people to view, but it's all in zip and 7z files, requiring you to download and execute the files in order to see their contents. 7z itself just had a RCE cve last week, and who would ever download malware files and unzip them trying to view the source code. This repo is not something to be trusted in its current state
https://github.com/vxunderground/MalwareSourceCode/tree/main...
-
Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
-
-
Reverse-Engineering-Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM, 8-bit AVR and 32-bit RISC-V architectures.
Project mention: Reverse Engineering โ Lesson 1: x86 Course (Part 1: Goals) | news.ycombinator.com | 2024-12-20 -
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
The analyzed sample is provided within this folder, the password for the zip file is infected. This sample was taken from theZoo Repository.
-
Personally I use a dns block list like https://github.com/hagezi/dns-blocklists with dnmasq or dnsdist. Works great :)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
-
We were given a quite big 20250312.mem file. Looking at the name of the challenge and the size of the file, it was clear it was required to use volatility.
-
-
pyWhat
๐ธ Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! ๐งโโ๏ธ
Project mention: pyWhat VS binwalk - a user suggested alternative | libhunt.com/r/pyWhat | 2024-07-19 -
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
-
-
-
nginx-ultimate-bad-bot-blocker
Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Project mention: Killing Bots at the Gate: Detecting Malicious Crawlers with Nginx | dev.to | 2025-05-03Bonus: check your logs against public bot signature lists like MitchellKrogzaโs bad bot list.
-
pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
-
-
-
malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.
-
Clone the Volatility 3 repository: > git clone https://github.com/volatilityfoundation/volatility3.git
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Malware discussion
Malware related posts
-
๐ Insomni'hack 2025 CTF write-up
-
Malware Analysis: CryptoLocker
-
Tell HN: I just updated my wife's Chrome, and uBlock is no longer supported
-
Source Code of $3k-a-Month macOS Malware 'Banshee Stealer' Leaked
-
Researchers discover first UEFI bootkit malware for Linux
-
A Study of Malware Prevention in Linux Distributions
-
Ask HN: What ist your AdBlock strategy?
-
A note from our sponsor - SaaSHub
www.saashub.com | 21 May 2025
Index
What are some of the best open-source Malware projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | hosts | 28,077 |
2 | MalwareSourceCode | 16,775 |
3 | Awesome-Hacking-Resources | 15,694 |
4 | wifiphisher | 13,825 |
5 | Reverse-Engineering-Tutorial | 12,124 |
6 | theZoo | 11,841 |
7 | dns-blocklists | 11,295 |
8 | TheFatRat | 9,779 |
9 | volatility | 7,571 |
10 | maltrail | 6,965 |
11 | pyWhat | 6,866 |
12 | al-khaser | 6,314 |
13 | qiling | 5,435 |
14 | simplify | 4,528 |
15 | nginx-ultimate-bad-bot-blocker | 4,365 |
16 | pafish | 3,647 |
17 | flare-floss | 3,521 |
18 | blocklist-ipsets | 3,406 |
19 | malwoverview | 3,193 |
20 | volatility3 | 3,097 |
21 | block | 2,602 |
22 | APT_REPORT | 2,555 |
23 | CAPEv2 | 2,411 |