Top 23 Malware Open-Source Projects
-
hosts
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Project mention: IT admin gets 7 years for wiping his company's servers to prove a point | reddit.com/r/cybersecurity | 2022-05-17and another https://github.com/StevenBlack/hosts that combines hosts files from a bunch of different sources.
-
Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
2) First i learned linux is hacking Distro kalilinux ,parrot os are used by most of security Researchers and pentester.They are many layers Webapp,andriod,ios,blockchain smartcontract,sourcecodeReview,Cves,iotDevices,cmshacking,windows exploitation,linux exploitation,Exploit development ,Reverse engineering ,Api,Threat and malware analysis 3) They are lot of tools and Resourses availabe on i listed MY Favourites https://github.com/rezaduty/cybersecurity-career-path https://github.com/Hack-with-Github/Awesome-Hacking https://github.com/vitalysim/Awesome-Hacking-Resources https://github.com/husnainfareed/Awesome-Ethical-Hacking-Resources 4) Favourite youtube channels https://blog.intigriti.com/2020/10/05/top-20-bug-bounty-youtube-channels-to-follow-in-2020/ 5) OWsap They Release Testing Guide For pentesters and Bugbounty listed the OwsapTop10 vulnearabilites 6) portswigger lab is the best lab to slove and understand the vulnerabilities and daily swig news of cybersecurity iam Biggest fan of jammes kattle Research on Http2 7) conferences is play the main role to attend watch video on Youtube and also join local group and conference Blackhat ,Defcon,Redteamvillage they are many and satellite village also 8) Be CURIOUS TO LEARN NEW
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
Project mention: Is there such a thing as a long range wifi adapter? | reddit.com/r/HomeNetworking | 2022-03-25
-
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
vx-underground.org
-
PENTESTING-BIBLE
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
-
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Project mention: Public malware repos as a part of Malware Analysis | reddit.com/r/github | 2022-05-11Not against the TOS. See theZoo.
-
Reverse-Engineering-Tutorial
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Project mention: Updated Reverse Engineering Tutorial w/ Hacking Windows API step-by-step, under construction | reddit.com/r/ReverseEngineering | 2022-05-05 -
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
It’s okay he knows the fat rat 🤙😎 he is probably a hacker or something
-
The volatility wiki should have instructions you need. Just follow the steps here (https://github.com/volatilityfoundation/volatility/wiki/Linux#making-the-profile)
-
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Project mention: Tips for Making a Popular Open-Source Project in 2021 [Ultimate Guide] | news.ycombinator.com | 2021-11-12 -
There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):
GEF: https://gef.readthedocs.io/en/master/
PWNDBG: https://github.com/pwndbg/pwndbg
PEDA: https://github.com/longld/peda
They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.
-
-
-
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
To avoid detection of something like a cuckoo I would use https://github.com/nsmfoo/antivmdetection and test it with https://github.com/therealdreg/anticuckoo and https://github.com/LordNoteworthy/al-khaser
-
-
nginx-ultimate-bad-bot-blocker
Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
I used the ultimate Nginx bad bot blocker on a couple of my side projects, and it is a pretty good project https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blo... . Apart from the Cloudflare offers UA blocking and AI driven bot management too. Most of these bots are for content scrapping and then creating search spam results. I am a one-person show, and it hurts both financial and resources wise on severs. So I block them.
-
pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Project mention: Does Windows think I'm running on VM? Not sure where to look. | reddit.com/r/VFIO | 2022-01-23You can use pafish to test vm detection methods. https://github.com/a0rtega/pafish
-
-
Project mention: The only way to be safe and ensure that you missed no ads | reddit.com/r/Piracy | 2022-05-12
Have in mind that any decent content blocker you can add extra lists or extra rules, like https://energized.pro/ for example, and uBO also has lists built int to block malwares, no reason to use Malwarebytes that is just one more closed source third-party extension that god knows what data they are collection from your browsing history.
-
hosts-blocklists
Automatically updated, moderated and optimized lists for blocking ads, trackers, malware and other garbage
-
malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT.
-
EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
-
hacking-resources
Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.
Malware related posts
- Stuxnet if someone is interested
- IT admin gets 7 years for wiping his company's servers to prove a point
- XQC Goes back to Sponsored gambing, after being sorry and quitting a year ago. Silently placed #ad at end of title. [No Gambin in Clip]
- Public malware repos as a part of Malware Analysis
- i need help
- Own mini “botnet” project
- Ubuntu Christian Edition -- Linux For Christians
Index
What are some of the best open-source Malware projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | hosts | 20,764 |
| 2 | Awesome-Hacking-Resources | 11,974 |
| 3 | wifiphisher | 10,743 |
| 4 | MalwareSourceCode | 10,220 |
| 5 | PENTESTING-BIBLE | 9,491 |
| 6 | theZoo | 8,465 |
| 7 | Reverse-Engineering-Tutorial | 6,903 |
| 8 | TheFatRat | 6,477 |
| 9 | volatility | 5,335 |
| 10 | pyWhat | 5,147 |
| 11 | pwndbg | 4,572 |
| 12 | maltrail | 4,531 |
| 13 | simplify | 3,961 |
| 14 | al-khaser | 3,889 |
| 15 | qiling | 3,406 |
| 16 | nginx-ultimate-bad-bot-blocker | 2,613 |
| 17 | pafish | 2,228 |
| 18 | blocklist-ipsets | 2,180 |
| 19 | block | 2,076 |
| 20 | hosts-blocklists | 1,885 |
| 21 | malwoverview | 1,826 |
| 22 | EvilClippy | 1,620 |
| 23 | hacking-resources | 1,355 |
Are you hiring? Post a new remote job listing for free.
