<h2><a id="user-content-online-scanners-and-sandboxes" class="anchor" href="#online-scanners-and-sandboxes" aria-hidden="true"><svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Malware Sandboxes &amp; Malware Source</h2> <p><em>This archive shares links for malware analysis using sandboxing, along with links to several sites that share malware source code.</em></p> <h2><a id="user-content-archive" class="anchor" href="#archive" aria-hidden="true"><svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Archive</h2> <ul> <li><a href="#malware-analysis-sandbox">Malware Analysis - Sandboxing</a></li> <li><a href="#malware-online-analysis---sandbox--mask">( Online ) Malware Analysis - Sandbox</a></li> <li><a href="#malware--sources">Malware Sources</a></li> </ul> <h2><a id="user-content-malware-analysis-sandbox" class="anchor" href="#malware-analysis-sandbox" aria-hidden="true"><svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 
3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Malware Analysis - Sandboxing</h2> <table> <thead> <tr> <th>URL</th> <th>INFO</th> </tr> </thead> <tbody> <tr> <td><a href="https://www.cuckoosandbox.org/">Cuckoo Sandbox</a></td> <td>Open source, self-hosted sandbox and automated analysis system.</td> </tr> <tr> <td><a href="https://github.com/KoreLogicSecurity/mastiff">Mastiff</a></td> <td>Static analysis of malware.</td> </tr> <tr> <td><a href="https://github.com/SekoiaLab/Fastir_Collector">Fastir</a></td> <td>This tool collects different artefacts on live Windows and records the results in csv files.</td> </tr> <tr> <td><a href="https://github.com/dzzie/SysAnalyzer">SysAnalyzer</a></td> <td>Application that was designed to give malcode analysts an automated tool</td> </tr> <tr> <td><a href="https://github.com/viper-framework/viper">Viper</a></td> <td>Binary analysis and management framework</td> </tr> <tr> <td><a href="http://zeltser.com/reverse-malware/automated-malware-analysis.html">Zeltser analysis</a></td> <td>Automated Malware Analysis</td> </tr> <tr> <td><a href="https://github.com/JusticeRage/Manalyze">Manalyze</a></td> <td>Manalyze started when antivirus tried to quarantine malware sample collection for the thirtieth time</td> </tr> <tr> <td><a href="http://irma.quarkslab.com/">Quarkslab IRMA</a></td> <td>Asynchronous and customizable analysis platform for suspicious files!</td> </tr> <tr> <td><a href="https://github.com/m4rco-/dorothy2">Dorothy2</a></td> <td>A malware/botnet analysis framework written in Ruby.</td> </tr> <tr> <td><a href="https://github.com/F-Secure/see">F-Secure see</a></td> <td>Sandboxed Execution Environment</td> </tr> <tr> <td><a 
href="https://github.com/Rurik/Noriben">Noriben</a></td> <td>Python-based script that works in conjunction with Sysinternals Procmon</td> </tr> <tr> <td><a href="https://github.com/rieck/malheur">Malheur</a></td> <td>Automatic Analysis of Malware Behavior</td> </tr> <tr> <td><a href="https://github.com/tklengyel/drakvuf">Drakvuf</a></td> <td>Virtualization based agentless black-box binary analysis system.</td> </tr> <tr> <td><a href="http://zerowine-tryout.sourceforge.net/">Zero Wine Tryouts</a></td> <td>Zero Wine Tryouts is an open source malware analysis tool.</td> </tr> <tr> <td><a href="http://www.cwsandbox.org">CWSandbox</a></td> <td>A “sandbox”, as it relates to computer security, is a designated, separate and restricted environment</td> </tr> <tr> <td><a href="https://github.com/malwarelu/malwasm">Malwasm</a></td> <td>Offline debugger for malware's reverse engineering</td> </tr></tbody></table> <h2><a id="user-content-malware-online-analysis---sandbox--mask" class="anchor" href="#malware-online-analysis---sandbox--mask" aria-hidden="true"><svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>( Online ) Malware Analysis - Sandbox</h2> <table> <thead> <tr> <th>URL</th> <th>INFO</th> </tr> </thead> <tbody> <tr> <td><a href="https://malwr.com/submission/">Malwr</a></td> <td>Free analysis with an online Cuckoo Sandbox instance.</td> </tr> <tr> <td><a href="https://www.hybrid-analysis.com/">Hybrid analysis</a></td> <td>Online malware analysis tool, powered by VxSandbox.</td> </tr> <tr> <td><a 
href="http://www.virscan.org/">Virscan</a></td> <td>Free online scan service that checks uploaded files for malware using the antivirus engines indicated in the VirSCAN list.</td> </tr> <tr> <td><a href="http://virusade.com/">Virusade</a></td> <td>Hosted virus scanning for developers</td> </tr> <tr> <td><a href="http://www.virustotal.com/">VirusTotal</a></td> <td>Free online analysis of malware samples and URLs</td> </tr> <tr> <td><a href="http://malwareconfig.com/">Malwareconfig</a></td> <td>Online malware analysis samples</td> </tr> <tr> <td><a href="http://detux.org/">Detux GNU/Linux sandbox</a></td> <td>Sandbox developed to do traffic analysis of Linux malware and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux (Debian) for various CPU architectures.</td> </tr> <tr> <td><a href="https://andrototal.org/">AndroTotal</a></td> <td>Free online analysis of APKs against multiple mobile antivirus apps.</td> </tr> <tr> <td><a href="https://consumer.valkyrie.comodo.com/">Comodo</a></td> <td>malware detection techniques Valkyrie conducts several analysis using run-time behavior and hundreds</td> </tr> <tr> <td><a href="https://manalyzer.org/">Manalyzer</a></td> <td>Free service which performs static analysis on PE executables to detect undesirable behavior.</td> </tr> <tr> <td><a href="https://id-ransomware.malwarehunterteam.com/">ID Ransomware</a></td> <td>Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.</td> </tr> <tr> <td><a href="http://www.document-analyzer.net/">Document Analyzer</a></td> <td>Free dynamic analysis of DOC and PDF files.</td> </tr> <tr> <td><a href="http://www.cryptam.com/">Cryptam</a></td> <td>Analyze suspicious office documents.</td> </tr> <tr> <td><a href="https://www.metadefender.com/#!/scan-file">Metascan</a></td> <td>Scan a file, hash or IP address for malware (free)</td> </tr> <tr> <td><a href="http://virusscan.jotti.org/it">Jotti</a></td> <td>Free online 
multi-AV scanner.</td> </tr> <tr> <td><a href="https://www.vicheck.ca/">PDF Examiner</a></td> <td>Suspected malware to be fed into our analysis network.</td> </tr> <tr> <td><a href="http://www.pdfexaminer.com/">PDF examiner</a></td> <td>Analyse suspicious PDF files.</td> </tr> <tr> <td><a href="https://www.malwaretracker.com">Malware tracker</a></td> <td>Provides malware analysis, forensics, and security solutions for enterprise.</td> </tr></tbody></table> <h2><a id="user-content-malware--sources" class="anchor" href="#malware--sources" aria-hidden="true"><svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewBox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Malware Sources</h2> <table> <thead> <tr> <th>URL</th> <th>INFO</th> </tr> </thead> <tbody> <tr> <td><a href="http://cybercrime-tracker.net/">http://cybercrime-tracker.net/</a></td> <td>Cybercrime tracker</td> </tr> <tr> <td><a href="http://malc0de.com/database/">http://malc0de.com/database/</a></td> <td>Malc0de</td> </tr> <tr> <td><a href="http://malwaredb.malekal.com/">http://malwaredb.malekal.com/</a></td> <td>Malekal</td> </tr> <tr> <td><a href="http://malshare.com">http://malshare.com</a></td> <td>Malshare</td> </tr> <tr> <td><a href="http://tracker.h3x.eu/">http://tracker.h3x.eu/</a></td> <td>Tracker</td> </tr> <tr> <td><a href="http://www.kernelmode.info">http://www.kernelmode.info</a></td> <td>Kernel mode</td> </tr> <tr> <td><a href="https://www.botnets.fr/wiki/Main_Page">https://www.botnets.fr/wiki/Main_Page</a></td> <td>Botnet.fr</td> </tr> <tr> <td><a 
href="http://www.exposedbotnets.com/">http://www.exposedbotnets.com/</a></td> <td>Exposed Botnets</td> </tr> <tr> <td><a href="http://malware.dontneedcoffee.com/">http://malware.dontneedcoffee.com/</a></td> <td>Dont need coffee</td> </tr> <tr> <td><a href="http://vxvault.net/">http://vxvault.net/</a></td> <td>VX Vault</td> </tr> <tr> <td><a href="https://github.com/ytisf/theZoo/tree/master/malwares/Binaries">https://github.com/ytisf/theZoo/tree/master/malwares/Binaries</a></td> <td>Malware binaries</td> </tr> <tr> <td><a href="https://totalhash.cymru.com/">https://totalhash.cymru.com/</a></td> <td>Total hash</td> </tr> <tr> <td><a href="https://zeustracker.abuse.ch">https://zeustracker.abuse.ch</a></td> <td>ZeuS Tracker</td> </tr> <tr> <td><a href="https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu">https://cse.google.com/cse/home?cx=011750002002865445766%3Apc60zx1rliu</a> (from Corey Harrell)</td> <td>Custom Google search engine</td> </tr> <tr> <td><a href="https://archive.org/details/malwaremuseum">https://archive.org/details/malwaremuseum</a></td> <td>Malware museum</td> </tr> <tr> <td><a href="https://ransomwaretracker.abuse.ch/tracker/">https://ransomwaretracker.abuse.ch/tracker/</a></td> <td>Ransomware tracker</td> </tr> <tr> <td><a href="https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#">https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#</a></td> <td>Ransomware overview</td> </tr> <tr> <td><a href="https://shinolocker.com/">https://shinolocker.com/</a></td> <td>Ransomware simulator</td> </tr> <tr> <td><a href="http://contagiodump.blogspot.se/">http://contagiodump.blogspot.se/</a></td> <td>Contagio</td> </tr> <tr> <td><a href="http://virusshare.com/">http://virusshare.com/</a></td> <td>VirusShare</td> </tr> <tr> <td><a href="http://www.virusign.com/">http://www.virusign.com/</a></td> <td>Virusign</td> </tr> <tr> <td><a 
href="http://www.malwaredomainlist.com">http://www.malwaredomainlist.com</a></td> <td>Malware domain list</td> </tr> <tr> <td><a href="https://malware.lu/">https://malware.lu/</a></td> <td>Malware.lu</td> </tr> <tr> <td><a href="https://github.com/MISP/MISP">https://github.com/MISP/MISP</a></td> <td>MISP</td> </tr> <tr> <td><a href="http://www.malware.pl/">http://www.malware.pl/</a> - <a href="https://www.scumware.org/">https://www.scumware.org/</a></td> <td>SafeGroup</td> </tr> <tr> <td><a href="http://minotauranalysis.com">http://minotauranalysis.com</a></td> <td>NovCon Minotaur</td> </tr> <tr> <td><a href="http://support.clean-mx.de/clean-mx/viruses.php">http://support.clean-mx.de/clean-mx/viruses.php</a></td> <td>Clean MX</td> </tr> <tr> <td><a href="http://panda.gtisc.gatech.edu/malrec/">http://panda.gtisc.gatech.edu/malrec/</a></td> <td>Edu malrec</td> </tr> <tr> <td><a href="https://www.abuse.ch/">https://www.abuse.ch/</a></td> <td>Abuse CH</td> </tr> <tr> <td><a href="http://www.offensivecomputing.net/">http://www.offensivecomputing.net/</a></td> <td>Offensive computing</td> </tr> <tr> <td><a href="http://www.malwaredomains.com">http://www.malwaredomains.com</a></td> <td>Malware domain blocklist</td> </tr> <tr> <td><a href="https://github.com/technoskald/maltrieve">https://github.com/technoskald/maltrieve</a></td> <td>Maltrieve</td> </tr> <tr> <td><a href="https://stixproject.github.io/">https://stixproject.github.io/</a></td> <td>Structured Threat Information eXpression</td> </tr> <tr> <td><a href="https://ytisf.github.io/theZoo/">https://ytisf.github.io/theZoo/</a></td> <td>The Zoo aka Malware DB</td> </tr> <tr> <td><a href="https://github.com/0day1day/mwcrawler">https://github.com/0day1day/mwcrawler</a></td> <td>Tool Mwcrawler</td> </tr></tbody></table>

Thanks!