awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

9 Repos

Awesome GitHub RepositoriesMalware Analysis Tools

Specialized software for inspecting suspicious binaries to identify malicious behavior.

Distinguishing note: Focuses on security research and threat investigation.

Explore 9 awesome GitHub repositories matching security & cryptography · Malware Analysis Tools. Refine with filters or upvote what's useful.

Awesome Malware Analysis Tools GitHub Repositories

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • skylot/jadxAvatar von skylot

    skylot/jadx

    49,088Auf GitHub ansehen↗

    Jadx is a comprehensive Java decompilation suite designed to transform compiled binary application files into readable source code. It functions as a static analysis workbench, providing a graphical interface for navigating, searching, and inspecting the internal logic of complex software packages. By utilizing a bytecode-to-Java pipeline, the project reconstructs high-level logical structures from low-level binary instructions, making it a primary tool for Android application reverse engineering. The project distinguishes itself through a sophisticated control flow reconstruction engine and

    Inspects suspicious application packages to identify malicious behavior and track data exfiltration.

    Javaandroiddecompilerdex
    Auf GitHub ansehen↗49,088
  • mobsf/mobile-security-framework-mobsfAvatar von MobSF

    MobSF/Mobile-Security-Framework-MobSF

    21,224Auf GitHub ansehen↗

    Mobile Security Framework is an automated security testing platform designed for the analysis of Android, iOS, and Windows mobile application binaries. It functions as a comprehensive suite for identifying security vulnerabilities, privacy risks, and malicious code within mobile software packages. The framework distinguishes itself by combining static and dynamic analysis techniques to evaluate application behavior. It performs static inspection of source code and binaries to detect insecure patterns, while simultaneously utilizing dynamic instrumentation and containerized sandboxing to monit

    Functions as a security platform for identifying malicious code, insecure configurations, and privacy vulnerabilities in mobile software.

    JavaScriptandroid-securityapi-testingapk
    Auf GitHub ansehen↗21,224
  • rshipp/awesome-malware-analysisAvatar von rshipp

    rshipp/awesome-malware-analysis

    13,864Auf GitHub ansehen↗

    This project is a comprehensive, community-driven directory of open-source tools, datasets, and documentation for malware analysis and cybersecurity research. It serves as a centralized index for security professionals and researchers to locate resources for investigating, reverse engineering, and analyzing malicious software. The directory organizes information through a structured taxonomy, covering specialized domains such as memory forensics, network traffic inspection, and honeypot threat research. By aggregating links to external utilities and frameworks, it provides a platform-agnostic

    Curates a comprehensive directory of tools and datasets for investigating malicious software.

    analysis-frameworkautomated-analysisawesome
    Auf GitHub ansehen↗13,864
  • pxb1988/dex2jarAvatar von pxb1988

    pxb1988/dex2jar

    13,112Auf GitHub ansehen↗

    dex2jar is an Android dex decompiler and reverse engineering tool designed to convert Dalvik executable bytecode into Java class files. It functions as a bytecode converter that transforms compiled Android binaries into a format compatible with standard Java analysis tools. The project facilitates Android app decompilation and Java bytecode recovery by translating executable files into readable structures. This allows for the analysis of application logic and the identification of security vulnerabilities or malicious behavior during Android malware analysis. The tool performs static bytecod

    Transforms executable dex files into readable code to identify malicious behavior and security vulnerabilities.

    Java
    Auf GitHub ansehen↗13,112
  • virustotal/yaraAvatar von VirusTotal

    VirusTotal/yara

    9,420Auf GitHub ansehen↗

    YARA is a pattern matching engine and binary analysis tool used to identify and classify malware samples. It functions as a malware research framework that allows for the definition of file descriptions and detection rules to find indicators of compromise within binaries. The system enables the creation of custom detection rules using strings, wildcards, and regular expressions. These rules use boolean logic to match textual or binary patterns, allowing for the classification of files into specific malware families and the automation of threat intelligence. The engine utilizes Aho-Corasick s

    Provides a specialized tool for identifying and classifying malware samples using boolean logic.

    Cyara
    Auf GitHub ansehen↗9,420
  • de4dot/de4dotAvatar von de4dot

    de4dot/de4dot

    7,428Auf GitHub ansehen↗

    de4dot is a .NET deobfuscator and unpacker designed to reverse obfuscation and restore readable code and metadata within .NET assemblies. It functions as a bytecode analyzer that simplifies control flow, strips anti-debugging protections, and extracts original payloads from packed executable wrappers. The project distinguishes itself through a modular deobfuscation pipeline and a sandbox environment used for dynamic string decryption, which executes decryption methods to replace encrypted strings with plain-text values. It can identify specific obfuscation tools through pattern-based binary a

    Provides tools for inspecting suspicious .NET binaries to extract payloads and study malicious behavior.

    C#
    Auf GitHub ansehen↗7,428
  • fireeye/flare-flossAvatar von fireeye

    fireeye/flare-floss

    4,054Auf GitHub ansehen↗

    Dieses Projekt ist ein Tool zur binären statischen Analyse, das darauf ausgelegt ist, versteckte und nicht standardmäßig kodierte Strings aus kompilierten Binärdateien wiederherzustellen. Es fungiert als Malware-Analyse-Utility und String-Decryptor, der verschleierten Text extrahiert, um verborgenes Programmverhalten offenzulegen, ohne den Code auszuführen. Das Tool automatisiert die Wiederherstellung eingebetteter Strings durch eine Kombination aus emulierter Befehlsausführung und der Auswertung abstrakter Syntaxbäume. Es nutzt musterbasierte heuristische Erkennung, um Obfuskationsroutinen zu identifizieren, und verwendet plattformübergreifendes Binär-Parsing, um mehrere ausführbare Formate zu verarbeiten. Das System deckt ein breites Spektrum forensischer Fähigkeiten ab, einschließlich sprachspezifischer String-Extraktion und der Serialisierung wiederhergestellter Daten in Formate, die mit externen Sicherheitsanalyseplattformen kompatibel sind.

    Serves as a specialized tool for inspecting suspicious binaries to identify hidden strings and malicious behavior.

    Python
    Auf GitHub ansehen↗4,054
  • apklab/apklabAvatar von APKLab

    APKLab/APKLab

    3,878Auf GitHub ansehen↗

    APKLab is an integrated security analysis platform and reverse engineering IDE for Android applications. It provides a unified environment for decompiling binaries into source code, repackaging modified applications into signed installers, and performing comprehensive security analysis. The platform distinguishes itself by combining static and dynamic analysis workflows. It enables the injection of runtime hooks and gadget libraries to monitor application behavior, while providing specialized patching capabilities to intercept and decrypt encrypted network traffic via a proxy. The toolkit co

    Uses specialized engines to scan Android binaries for malicious behavior and known malware patterns.

    TypeScript
    Auf GitHub ansehen↗3,878
  • mandiant/flare-flossAvatar von mandiant

    mandiant/flare-floss

    3,886Auf GitHub ansehen↗

    Flare-floss is a security utility and static binary string extractor designed to uncover hidden text and configuration data within compiled binaries. It functions as an obfuscated string decoder and reverse engineering tool to translate encoded strings into readable text for security auditing. The project employs emulated execution to capture the decrypted state of strings in memory by running small chunks of binary code in a virtual CPU. It further utilizes static analysis disassembly, intermediate representation analysis, and heuristic-based pattern matching to identify and decode strings t

    Acts as a security utility designed to uncover hidden configuration data within malicious software samples.

    Pythondeobfuscationflaregsoc-2026
    Auf GitHub ansehen↗3,886
  1. Home
  2. Security & Cryptography
  3. Malware Analysis Tools