#MALWARE

Adversary techniques for credential theft and data compromise.

A community-driven public malware repository that works to provide free access to malware samples and tooling to the information security community.

GitHub public repositories matching the '#malware' topic.

The goal of the LOLBAS project is to document every binary, script, and library that can be used for Living Off The Land techniques.

Online Virus Scanner Without Result Distribution. Scan your file online with multiple different antiviruses without distributing the results of your scan.

A global community of people helping each other with their Security, Technology and Technical Support questions.

Stay up to date with the latest cybersecurity insights, practical advice, articles and news from the Veriti Experts.

Collection of various malicious functionality to aid in malware development.

Frontline Mandiant investigations, expert analysis, tools and guidance, and in-depth security research.


Valkyrie is a file verdict system. Unlike traditional signature-based malware detection, Valkyrie runs several analyses using run-time behavior and hundreds of static features of a file, and based on the results can warn users about malware that classic anti-virus products do not detect.

This service is collecting, indexing, and centralizing ransomware information from most ransomware groups and their victims.

A free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.

RansomLook is an open-source project aimed at assisting users in tracking ransomware-related posts and activities across various sites, forums, and Telegram channels.

We discuss hot topics, malware behavior, techniques, practices for analyzing malicious files, and of course, we will talk more about our online interactive sandbox.

MalwareMustDie (MMD) is a prominent nonprofit whitehat security research group that emerged in August 2012, standing as a collective force against the proliferation of malware on the internet. The organization comprises a collaborative effort of IT professionals and dedicated security researchers, united by a shared mission to combat and mitigate the impact of various forms of malicious software.

Blog from cocomelonc, a cybersec enthusiast, CTF player.

MalAPI.io maps Windows APIs to common techniques used by malware.

Attackers use popular legitimate domains for phishing, C&C, exfiltration and tool downloads to evade detection. The sites listed below allow an attacker to host content on their domain or a subdomain of it.

Blog from AhnLab Security Emergency Response Center (ASEC).

HackMag is an educational ecosystem where cybersecurity specialists share practical knowledge in exchange for financial rewards and recognition. Access to this knowledge significantly increases the hands-on educational level of fellow specialists and the security of computer systems throughout the world.

The Intelligence and research arm of Check Point Technologies provides leading cyber threat intelligence to Check Point customers and the greater intelligence community.

We keep you posted on the latest cyber threats. Learn more about what is new in the world of IT security. Knowledge is the best protection.

The latest updates on cybersecurity from today’s experts. Read about ransomware, vulnerabilities, and threat intelligence impacting businesses.

Stay up-to-date with the latest file extensions being used by attackers.

Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver.

Weekly Cybersecurity news, techniques, exploits, and tools every Monday.

Get up-to-date hot takes on the state of cybersecurity today, from responses to US-CERT alerts, to using the MITRE ATT&CK framework.

Malware Analysis, News and Indicators.

PCrisk cyber security portal and the certified anti-virus application Combo Cleaner are brought to you by RCS LT. All content on pcrisk.com is provided by professional authors who are experts in computer security. In our removal guides we recommend using Combo Cleaner to remove malware infections. Close collaboration between the expert authors of PCrisk and the malware researchers of Combo Cleaner lets us provide the best solutions for malware removal. Every malware removal guide is closely checked by our malware researchers to ensure that Combo Cleaner can detect and eliminate the threat we write about.

Keep up to date with Halcyon's announcements and research here.

Real Intrusions by Real Attackers, The Truth Behind the Intrusion.

The largest collection of malware source code, samples, and papers on the internet.

Cybersecurity, red team, blue team, hacking.

URLhaus is a project from abuse.ch with the goal of sharing malicious URLs that are being used for malware distribution.

Scan, Track, Secure Proactive C&C Infrastructure Monitoring Across the Web.

Access top cyber intelligence and dark web insights to navigate digital threats effectively with Daily Dark Web.

The Official Blog from Kaspersky covers information to help protect you against viruses, spyware, hackers, spam & other forms of malware.

A comprehensive module-based malware development course that provides fundamental to advanced level training.

It is the golden age of Command and Control (C2) frameworks. The goal of this site is to point you to the best C2 framework for your needs based on your adversary emulation plan and the target environment. Take a look at the matrix or use the questionnaire to determine which fits your needs.

Stop Malvertising investigates current Malware Trends and the distribution of malware exploits through online advertising networks.

Browse indicators of compromise (IOCs) on ThreatFox.

Practical and Affordable Cyber Security Training.

PolySwarm is a crowdsourced threat detection marketplace where security experts & AV companies compete to protect you.

29 year old cybersecurity specialist, speaker, and ex-hacker. Best known for stopping the global WannaCry ransomware attack. Background in programming & threat intelligence.

Collection of malware source code for a variety of platforms in an array of different programming languages.

Researchers in the Lookout Threat Lab leverage the world’s largest mobile telemetry dataset to track APT activity, discover new mobile malware, and provide actionable intelligence.

Kaspersky Threat Intelligence Portal allows you to scan files, domains, IP addresses, and web addresses for threats, malware and viruses.


VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code.

Malcore automates malware analysis and was designed by Internet 2.0's top malware analyst, Thomas Perkins. Malcore's AI-powered sandbox is built for speed and scalability; it automates malware analysis and checks both files and links.

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Check out our latest threat hunting articles, tips and stories.

Sekoia.io Blog sheds light on the state of the Cybersecurity Operations industry, from threat analyses to highlights on solutions and partnerships, as well as foundational content on XDR, CTI and more.

Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.

Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.

List of evasion techniques provided by Check Point Research.


Analyze and share malware samples and threat intelligence to join the fight against cyber threats.

Red Teaming and offensive stuff.

We are the leading creator of original DNS threat intelligence. We’re proactive, not just defensive, using our insights to track threat actor infrastructure and disrupt cybercrime where threat actors begin. We also believe in sharing knowledge to support the broader security community by publishing detailed research on select actors and associated indicators.

The EMBER dataset is a collection of features from PE files that serve as a benchmark dataset for researchers. The EMBER2017 dataset contained features from 1.1 million PE files scanned in or before 2017 and the EMBER2018 dataset contains features from 1 million PE files scanned in or before 2018. This repository makes it easy to reproducibly train the benchmark models, extend the provided feature set, or classify new PE files with the benchmark models.
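As an added example that is not code from EMBER, MalAPI.io or any other tool listed on this page: the Python below builds a header-only PE32+ image (constructed for the example; it is not a real binary), parses its DOS, COFF and optional headers and section table, derives a few EMBER-style features (byte entropy, zero-byte fraction, subsystem, section flags, a writable-and-executable section check), and maps the printable strings it finds against a small hypothetical API-to-technique table in the spirit of MalAPI.io. The table entries, section names, embedded strings and the `example.invalid` URL are assumptions made for this example.

```python
import math
import re
import struct
from collections import Counter

# Hypothetical API-to-technique table in the spirit of MalAPI.io; constructed
# for this example, not MalAPI.io's own data.
API_TECHNIQUES = {
    "VirtualAllocEx": "Injection",
    "WriteProcessMemory": "Injection",
    "CreateRemoteThread": "Injection",
    "IsDebuggerPresent": "Anti-Debugging",
    "CheckRemoteDebuggerPresent": "Anti-Debugging",
    "URLDownloadToFileA": "Internet",
    "InternetOpenUrlA": "Internet",
    "RegSetValueExA": "Registry",
    "CryptEncrypt": "Encryption",
    "GetAsyncKeyState": "Spying",
}

# Section characteristic flags from the PE specification.
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000


def build_sample_pe(embedded_strings):
    """Construct a header-only PE32+ image with three section headers and some
    NUL-separated strings appended (a constructed sample, not a real binary)."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: NT headers start at offset 64
    coff = struct.pack("<IHHIIIHH", 0x00004550, 0x8664, 3, 0x5F5E1000, 0, 0, 240, 0x0022)
    opt = struct.pack(
        "<HBBIIIIIQIIHHHHHHIIIIHH",
        0x20B, 14, 0,                # PE32+ magic, linker version
        0x400, 0x200, 0,             # SizeOfCode, SizeOfInitializedData, SizeOfUninitializedData
        0x1000, 0x1000,              # AddressOfEntryPoint, BaseOfCode
        0x140000000, 0x1000, 0x200,  # ImageBase, SectionAlignment, FileAlignment
        6, 0, 0, 0, 6, 0,            # OS / image / subsystem versions
        0, 0x3000, 0x400, 0,         # Win32VersionValue, SizeOfImage, SizeOfHeaders, CheckSum
        2, 0x8160,                   # Subsystem (WINDOWS_GUI), DllCharacteristics
    ).ljust(240, b"\0")
    sections = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x1000, rva, 0x200, raw, 0, 0, 0, 0, flags)
        for name, rva, raw, flags in (
            (b".text", 0x1000, 0x400, 0x60000020),
            (b".rdata", 0x2000, 0x600, 0x40000040),
            (b"UPX1", 0x3000, 0x800, 0xE0000040),  # writable + executable, packer-like
        )
    )
    tail = b"\0" * 64 + b"\0".join(s.encode() for s in embedded_strings) + b"\0" * 64
    return bytes(dos) + coff + opt + sections + tail


def byte_entropy(data):
    """Shannon entropy in bits per byte, an EMBER-style global feature."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def printable_strings(data, min_len=5):
    return {m.decode("ascii") for m in re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)}


def analyze(data):
    """Parse the headers and section table, then derive a few features an
    analyst or a classifier would look at."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE: missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE: missing PE signature")
    machine, nsec, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    subsystem, dll_characteristics = struct.unpack_from("<HH", data, opt + 68)  # same offset for PE32 and PE32+
    sections = []
    for i in range(nsec):
        name, _, _, _, _, _, _, _, _, flags = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), flags))
    strings = printable_strings(data)
    hist = Counter(data)
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "timestamp": timestamp,
        "subsystem": subsystem,
        "dll_characteristics": dll_characteristics,
        "sections": sections,
        "rwx_section": any(f & IMAGE_SCN_MEM_EXECUTE and f & IMAGE_SCN_MEM_WRITE for _, f in sections),
        "entropy": byte_entropy(data),
        "zero_fraction": hist[0] / len(data),
        "api_techniques": {api: t for api, t in API_TECHNIQUES.items() if api in strings},
    }


# Constructed sample: strings chosen to exercise the API table.
SAMPLE = build_sample_pe([
    "kernel32.dll", "WriteProcessMemory", "CreateRemoteThread",
    "IsDebuggerPresent", "http://example.invalid/update.bin",
])

if __name__ == "__main__":
    for key, value in analyze(SAMPLE).items():
        print(f"{key}: {value}")
```

The header parsing is deliberately minimal (no import directory walk); on real samples the imports would come from the import table rather than from a string scan, but the string scan still catches APIs resolved at run time via `GetProcAddress`, which is exactly the case a static import parser misses.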

These are notes about all things focusing on, but not limited to, red teaming and offensive security.

Every day Kaspersky automatically processes around 400,000 new malicious files. Only one percent of these need manual work from a security expert, and only a tiny fraction of that 1% go to the company’s top-notch Global Research and Analysis Team (GReAT). Those chosen few samples belong to the rarest, most menacing new APTs (advanced persistent threats). Kaspersky Lab’s Targeted Cyberattack Logbook chronicles all of these ground-breaking malicious cybercampaigns that have been investigated by!

World's first visual-AI-based malware detection. The first solution that converts files into graphical representations and checks whether they contain malware. We provide user-friendly, efficient and secure malware detection technology.

theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev.

With a massive growth in new malware and infections, macOS security awareness is now more important than ever. Yet many people believe that if they are using macOS they are safe and should not be concerned about getting infected. Even though malware for macOS is years behind Windows malware in the sense of sophistication, complexity and number of infections, macOS malware is becoming more sophisticated as time goes by. Furthermore, it uses more ways to infect, evade and abuse the macOS architecture to deliver malware, for example - using applications signed with legitimate Apple developer certificates to avoid detection.

Analyze files in seconds! Zero Miss for Office Malware Threats.

AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process. The snippets are randomly selected from a small pool of techniques and variations before being obfuscated. Every snippet is obfuscated at request time, so no two generated outputs share the same signature.

Malpedia is a free service offered by Fraunhofer FKIE. The primary goal of Malpedia is to provide a resource for rapid identification and actionable context when investigating malware. Openness to curated contributions shall ensure an accountable level of quality in order to foster meaningful and reproducible research.

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Ransomware.live monitors the extortion sites used by ransomware groups. The information posted on this website is dynamically updated in near real-time.

A mix of in-depth nuanced takes on current events and highly technical original research by Marcus Hutchins. I cover a wide array of topics such as vulnerability research, threat intelligence, national security, reverse engineering, and Windows internals.

Explore Triage's Malware Analysis Sandbox to dissect your malware samples. Access malware trends, and a customizable environment for in-depth analysis and classification.

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

Interactive Online Malware Sandbox.

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

Living Off The Land Payload Generator.

A site for sharing packet capture (pcap) files and malware samples. I started this blog in 2013 to share pcaps and malware samples. Due to issues with Google, I've had to take most all blog posts down from 2013 through 2018, and I've been slowly restoring these pages using a new pattern for the password-protected zip archives.

Ransomwatch trails the extortion sites used by ransomware groups and surfaces an aggregated feed of claims.

Ransomwhere is the open, crowdsourced ransomware payment tracker. Browse and download ransomware payment data or help build our dataset by reporting ransomware demands you have received.

Atomic Red Team™ is a library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.

Frictionless threat intelligence solutions for growing teams.

This encyclopedia contains the description of anti-debug tricks which work on the latest Windows releases with the most popular debuggers (such as OllyDbg, WinDbg, x64dbg). Deprecated techniques (e.g. for SoftICE, etc.) are not included (despite all the love to SoftICE).

Stay up-to-date with industry insights and trends by reading Analyst1's informative blog. Explore our extensive range of topics and stay informed.

HijackLibs provides a curated list of DLL hijacking candidates and mappings between DLLs and the vulnerable executables that load them, with additional metadata for context. For defenders, the project gives the expected locations needed to detect DLL hijacking attempts; for red teamers, it helps identify DLLs that can be used to achieve DLL hijacking.
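As an added example that is not HijackLibs' own code or data: the Python below turns a HijackLibs-style record (DLL name, expected locations, executables known to load it) into a detection over ImageLoad telemetry. The two DLL records, the placeholder expansion table and the three Sysmon-like event lines are all constructed for the example (hypothetical DLL and executable names, not real hijack candidates). A load is flagged when the DLL is a listed candidate and is loaded from outside its expected directories, with the reason noting whether the loading process is one of the known-vulnerable executables.

```python
import re
from dataclasses import dataclass

# Constructed records in the shape of a HijackLibs entry (DLL name, expected
# locations, executables known to load it). Hypothetical DLLs, not HijackLibs data.
HIJACK_CANDIDATES = {
    "example_helper.dll": {
        "expected": ["%SYSTEM32%", "%SYSWOW64%"],
        "executables": ["example_app.exe"],
    },
    "vendorlib.dll": {
        "expected": ["%PROGRAMFILES%\\Vendor\\Suite"],
        "executables": ["suite.exe"],
    },
}

# Placeholder expansion for the expected-location strings (assumed install paths).
ENV = {
    "%SYSTEM32%": r"c:\windows\system32",
    "%SYSWOW64%": r"c:\windows\syswow64",
    "%PROGRAMFILES%": r"c:\program files",
}


def normalize(path):
    """Case-fold and unify separators so a comparison is not fooled by casing."""
    return path.replace("/", "\\").lower().rstrip("\\")


def expand(location):
    for key, value in ENV.items():
        location = location.replace(key, value)
    return normalize(location)


@dataclass
class ImageLoad:
    image: str         # process that performed the load
    image_loaded: str  # full path of the DLL that was loaded


def parse_event(line):
    """Pull Image and ImageLoaded from a flattened, tab-separated Sysmon
    Event ID 7 (ImageLoad) line. The flattened format is constructed here."""
    fields = dict(re.findall(r"(\w+)=([^\t]+)", line))
    return ImageLoad(fields["Image"], fields["ImageLoaded"])


def classify(load):
    """Return (suspicious, reason) for one ImageLoad event."""
    dll_dir, _, dll_name = normalize(load.image_loaded).rpartition("\\")
    entry = HIJACK_CANDIDATES.get(dll_name)
    if entry is None:
        return False, f"{dll_name}: not a hijack candidate"
    if dll_dir in {expand(loc) for loc in entry["expected"]}:
        return False, f"{dll_name}: loaded from an expected location"
    exe = normalize(load.image).rpartition("\\")[2]
    if exe in entry["executables"]:
        return True, f"{dll_name}: loaded by known-vulnerable {exe} from {dll_dir}"
    return True, f"{dll_name}: loaded from unexpected location {dll_dir} by {exe}"


def scan(lines):
    """Return the reason for every suspicious load among the given event lines."""
    hits = []
    for line in lines:
        suspicious, reason = classify(parse_event(line))
        if suspicious:
            hits.append(reason)
    return hits


# Constructed events: a legitimate load, a sideloaded copy of the same DLL next
# to a relocated copy of the vulnerable executable, and a DLL that is not a candidate.
SAMPLE_EVENTS = [
    "EventID=7\tImage=C:\\Program Files\\Example\\example_app.exe"
    "\tImageLoaded=C:\\Windows\\System32\\example_helper.dll",
    "EventID=7\tImage=C:\\Users\\Public\\example_app.exe"
    "\tImageLoaded=C:\\Users\\Public\\example_helper.dll",
    "EventID=7\tImage=C:\\Windows\\explorer.exe"
    "\tImageLoaded=C:\\Windows\\System32\\kernel32.dll",
]

if __name__ == "__main__":
    for reason in scan(SAMPLE_EVENTS):
        print("ALERT", reason)
```

The expected-location check is what keeps this usable: a candidate DLL loaded from `System32` is normal, so only loads from a user-writable or otherwise unexpected directory surface, and the known-executable match tells the analyst whether the loading process is one the record already documents as vulnerable.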

The RRA (Recent Ransomware Attacks) site acts as a watchtower, providing near real-time tracking of ransomware attacks, groups and their victims. Given threat actors' lucrative success so far, ransomware attacks have become the most ubiquitous, and the most financially and informationally impactful, cyber threat to businesses and organizations today.

A cybersecurity and technology news platform that also publishes in-depth guides, tutorials, and reviews.