Malware Resources: a personal collection, awesome and curated (hopefully).
- Unprotect Project
- Malware Behavior Catalog (MBC)
- Evasion Techniques
- Anti-Debug Tricks
- Malapi.io
- cocomelonc (malware development/malware tricks)
- ATT&CK Tactics
- ATT&CK Techniques
- Malware Showcase
- Persistence:
- Processes:
- DLL:
- theZoo
- malware-samples
- malware-samples
- malware-samples
- the-malware-repo
- malware-sample-library
- malware-feed
- Al-Khaser
- Pafish
- ShowStopper: Tool to explore and test anti-debug techniques.
- InviZzzible
- Tiny11builder: Scripts to build a trimmed-down Windows 11 image.
- TitanHide
- Mandiant CAPA
- HashDB
- PE-sieve
- PE-bear
- C++ Library that offers Debugger Detection (cpp-anti-debug)
- Debloat-Windows-10: This project collects PowerShell scripts which help to debloat Windows 10, tweak common settings and install basic software components.
- Win11Debloat
- Sophia-Script-for-Windows
- Windows10Debloater (archived by the owner on Sep 21, 2023).
- ShutUp10++ (Proprietary free software)
- Blackbird (Proprietary free software)
- Privatezilla
- Win Debloat Tools
- bloatbox
- WindowsSpyBlocker
- priv10
- Compilation of even more related tools.
- Windows API (and categories) in JSON format
- The repo has been moved to Windows API and Syscalls categories. Leaving the link here in case GitHub stops redirecting at some point.
- Windows System Call Tables
- Windows API Function Cheatsheets
- NTAPI Undocumented Functions
- (undocumented) NTInternals.click (Not working anymore)
- NtDoc
- ntoskrnl
- nt
- Malware Unicorn
- How to start RE/malware analysis?
- Malware Training Vol 1.
- Malware-Analysis-Training
- Zero2Automated (Affordable)
- Maldev Academy (Affordable)
- PWN College
- Nightmare Course (intro to binary exploitation / reverse engineering)
- Comprehensive Reverse Engineering tutorial
- Win32API Reverse Engineering tutorial
- Fuzzy Security
- Binary Exploitation notes by ir0nstone
- CTF101 - Binary Exploitation
- Reverse Engineering for Everyone
- Windows x64 Reverse Engineering
- Linux Exploitation Course
- CS6265: Information Security Lab
- Overview of GLIBC heap exploitation techniques
- Fundamentals of Malware Analysis Course Online For Free tutorial With Certificate
- Malware Analysis, from Open Security Training
- The "Ultimate" Anti-Debugging reference
- Anti-debugging: a developer's view
- The (Anti-)EDR Compendium
- Scientific but not academical overview of malware anti-debugging, anti-disassembly and anti-vm technologies
- Advanced or Not? A Comparative Study of the Use of Anti-debugging and Anti-VM Techniques in Generic and Targeted Malware
- Towards an understanding of anti-virtualization and anti-debugging behavior in modern malware
- A Survey On Automated Dynamic Malware Analysis Evasion and Counter-Evasion: PC, Mobile, and Web
- Malware Dynamic Analysis Evasion Techniques: A Survey
- Software Protection through Anti-Debugging
- Anti-Unpacker Tricks
- Reverse Engineering Reference Manual: Anti-Analysis chapter
- The Art of Unpacking
- Resurrecting anti-virtualization and anti-debugging: Unhooking your hooks
- Defeating Anti-Debugging Techniques for Malware Analysis Using a Debugger
- An evaluation of anti-evasion techniques implemented in malware analysis sandboxes and debuggers
- Towards an Understanding of Anti-virtualization and Anti-debugging Behavior in Modern Malware
- A Systematical and Longitudinal Study of Evasive Behaviors in Windows Malware
- Longitudinal Study of the Prevalence of Malware Evasive Techniques
- Awesome Malware Techniques
- Curated List of Malware Analysis Resources
- Malware Analysis Resources
- Malware Analysis Resources
- Windows API
- Windows Native API
- ntoskrnl.exe
- Architecture of Windows NT
- System Service Descriptor Table (SSDT)
- NTDLL
- Native API Functions
- Nt vs. Zw - Clearing Confusion on the Native API
- A Syscall Journey in the Windows Kernel
- Windows Internals
- Windows Native API: When and why use Zw vs Nt prefixed api calls?
- Using Nt and Zw Versions of the Native System Services Routines
- Inside Windows Debugging: A Practical Guide to Debugging and Tracing Strategies in Windows, by Tarik Soulami.