Home

Awesome

malware-gems

NOTE: WORK IN PROGRESS! (Updated 19 July 2022)

What's this all about?

This page contains a list of mostly malware analysis / reverse engineering related tools, training, podcasts, blog posts, literature and just about anything else closely related to the topic. This page serves as a catalog of sorts, containing "gems", some of which you may have stumbled across, and many others that you may not have.

Who is this page aimed at?

Myself:

When first starting out, I was overwhelmed by how malware/RE related material was somewhat scattered all over the Internet. With a limited availability of books and training, I started to collect my go-to sites for certain resources and tools in order to achive certain tasks.

Beginners:

I often get asked "how do you get started in malware analysis / RE". I'm hoping this list will provide a starting point at least. Anyone who has been practicing malware analysis for even a small amount of time, knows that there really is no single resource or location that will simply teach the art of malware analysis / RE. Plain and simple. That said, having a useful list of links is at least a starting point. However, one caveat is that this list should NOT replace your OWN time spent researching and learning by yourself. This is very much part of "the journey" towards becomming a better malware analyst / RE, similar to that of becomming a l33t h4x0r! ;)

Anyone else:

Regardless of skill/experience level, even the more experienced malware analyst / RE may hopefully find one or two useful gems on this page that they haven't yet stumbled across. This is where the name "malware-gems" originated from... Original, I know.. ;)

Isn't this similar to other "awesome" lists that exist on Github?

Perhaps. While the various awesome "awesome" lists (as awesome as they are) gave me inspiration, I wanted to centralise my own tools/links etc due to growing my own malware analysis skills, in the hope that once I have things in one page, things may hopefully become a bit clearer in my head! In some ways, as awesome as the other various "awesome" lists are, I hope that this list will in itself be just as awesome, due to the fact that the this reflects a true and current representation of a malware analyst such as myself, who is building up their own knowledge with active links to tools, reading material etc!

Anything else?

If you have any feedback or would like your site listed, feel free to reach out via Twitter. Twitter handle: 0x4143

Disclaimer:

Books:

CheatSheets/Tables:

CTF's:

Decoders:

Debuggers:

Disassemblers:

Document Analysis Tools:

Dynamic/Behavioural Analysis Tools:

Funny/Random:

Honeypots:

ICS:

IDA:

IOT:

IR:

JavaScript Deobfuscation Tools:

LNK File Analysis:

MAC:

Malware Repo's:

Maps / Stats (eye candy):

Memory Forensics:

Misc Tools:

.Net Debuggers/Decompilers:

Network Analysis:

Operating Systems:

OSINT Online Tools:

Password Cracking:

Podcasts:

PowerShell decoding:

Ransomware:

Reading Material:

Sandbox Tools (Online):

Sandbox Tools (Offline):

Shellcode Tools:

Static Analysis Tools:

Text/hex Editor Tools:

Threat Intelligence:

Training:

Unpacking:

VBA Deobfuscation Tools:

Video:

XOR Decoding Tools:

Yara Related: