Threat-Intelligence-Analyst
Threat intelligence, malicious sample analysis, automated Python scripts, open-source malware code collection, APT attack case studies
TI Threat Intelligence
Analyzing Malicious Password Protected Office Documents
https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/
Hack
https://github.com/Hack-with-Github/Awesome-Hacking
Malware analysis mega-collections
https://github.com/rshipp/awesome-malware-analysis
https://github.com/wtsxDev/Malware-Analysis
https://github.com/CHYbeta/Software-Security-Learning
Life of Binaries
http://www.opensecuritytraining.info/LifeOfBinaries.html
PNG Payload
https://www.anquanke.com/post/id/166451
Malware Sample Source
https://zeltser.com/malware-sample-sources/
Malware Analyst
Malware analysis articles
http://reversingminds-blog.logdown.com/
https://cysinfo.com/category/training/malware-analysis/
Malicious sample analysis
http://blog.nsfocus.net/malware-sample-analysis-summary/
Resources for Learning Reverse Engineering
http://jackson-t.ca/re-resources.html
Virus classification
https://www.virusradar.com/en/glossary
Online malware scanning sites
https://www.hybrid-analysis.com/
https://www.virustotal.com/#/home/upload
https://www.reverse.it/
https://www.maldun.com/submit/submit_file/
https://habo.qq.com/
https://www.joesandbox.com/
https://virusscan.jotti.org/
http://www.threatexpert.com/submit.aspx
http://virscan.org/
https://any.run/
https://id-ransomware.malwarehunterteam.com/
https://www.vmray.com
Using YARA rules from the command line and Python: essential for identifying malicious trojans
https://bbs.pediy.com/thread-223070.htm
IDA videos
http://hdvidzpro.pro/video/ida-tutorial
Malicious sample analysis
https://secrary.com/ReversingMalware/CoinMiner/
https://secrary.com/ReversingMalware
https://secrary.com/ReversingMalware/Upatre/
https://secrary.com/ReversingMalware/Mamba/
https://secrary.com/ReversingMalware/UnpackingShade/
https://secrary.com/ReversingMalware/Enosch/
https://www.anquanke.com/post/id/87172
http://blog.talosintelligence.com/2017/11/zeus-panda-campaign.html
Malware Sample Sources for Researchers
https://zeltser.com/malware-sample-sources/
List of Malware Sources
http://www.kernelmode.info/forum/viewtopic.php?f=16&t=308
WMI BackDoor
https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/
IDA
http://kingerwu.com/2017/12/16/IDA%E6%93%8D%E4%BD%9C%E7%9F%A5%E8%AF%86%E8%AE%B0%E5%BD%95/#more
malware analysis labs
https://cybersecweb.wordpress.com/2016/07/12/malware-analysis-labs/
Exploitation Archives
https://rootkits.xyz/blog/tag/exploitation/
Exploits
https://0xrick.github.io/binary-exploitation/bof2/
VMP/TMD Unpack
Tutorial: getting past VMProtect virtual machine detection when debugging with OllyDbg
https://www.52pojie.cn/thread-411742-1-1.html
Unpacking a Themida (TMD) packer (probably version 2.1.8)
https://www.52pojie.cn/thread-675279-1-1.html
VMProtect v3.0.9: getting past VMware detection
https://www.52pojie.cn/thread-635613-1-4.html
Analysis of a CrackMe using a new type of VM
https://www.52pojie.cn/thread-695729-1-1.html
MIPS router trojan
http://www.freebuf.com/articles/network/88798.html
Ransomware information
https://www.botfrei.de/de/ransomware/galerie.html
Linux Kernel Debug
https://bbs.pediy.com/thread-226139.htm
PowerShell
https://docs.microsoft.com/zh-cn/powershell/scripting/powershell-scripting?view=powershell-6
Limon Sandbox for Analyzing Linux Malware
https://malware-unplugged.blogspot.com/2015/11/limon-sandbox-for-analyzing-linux.html
https://www.blackhat.com/docs/eu-15/materials/eu-15-KA-Automating-Linux-Malware-Analysis-Using-Limon-Sandbox-wp.pdf
https://www.youtube.com/watch?v=fSCKyF--tRs&feature=youtu.be
Advanced Malware Analysis
https://cysinfo.com/category/training/advanced-malware-analysis/
WMI/PowerShell coin mining
http://www.freebuf.com/articles/network/163233.html
CTF
http://eternalsakura13.com/2018/03/21/lctf2/
CoinMiner
Linux mining: notes on the cpuminer method
http://www.bubuko.com/infodetail-2167951.html
Compile CPUminer under Linux CentOS
https://rumorscity.com/2014/01/04/compile-and-install-cpuminer-on-linux-centos/
Building a Redis & Minerd security incident-response drill environment
http://www.freebuf.com/sectool/156904.html
Tutorial: mining Litecoin (LTC) with cpuminer + mining_proxy on 64-bit CentOS 6.3
https://www.cnblogs.com/sixiweb/archive/2013/12/02/3454564.html
coinotron
https://www.coinotron.com
.NET Malware
https://blogs.cisco.com/security/talos/reversing-multilayer-net-malware
URL
https://urlhaus.abuse.ch/browse/
Yara
http://www.freebuf.com/articles/system/26373.html
https://github.com/plusvic/yara/releases/tag/v2.0.0
https://yara.readthedocs.io/en/v3.5.0/gettingstarted.html
https://analysis.yararules.com/
https://github.com/Yara-Rules/rules
https://www.bsk-consulting.de/2015/02/16/write-simple-sound-yara-rules/
https://www.bsk-consulting.de/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/
https://www.bsk-consulting.de/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/
Building your own YARA database
Summary of basic anti-debugging techniques
https://bbs.pediy.com/thread-212371.htm
ARM Exploit
http://www.freebuf.com/articles/terminal/107276.html
Litecoin mining tutorial for Linux
https://blog.linuxeye.cn/385.html
Linux Litecoin (LTC) CPU mining tutorial
http://www.iitshare.com/linux-litecoin-ltc-mining-tutorial.html
Ethereum mining tutorial for Linux
http://www.8btc.com/gpu-mining
Litecoin (LTC) mining tutorial: CPU mining and GPU mining (detailed, illustrated)
http://www.mnw.cn/news/digi/699354.html
Ransomware analysis reports
File-Locker Ransomware
https://www.bleepingcomputer.com/news/security/file-locker-ransomware-targets-korean-victims-and-asks-for-50k-won/
Peeling back the layers: analysis of the GlobeImposter ransomware
https://bbs.ichunqiu.com/thread-30152-1-1.html
Gently stripping off the disguise: the tricks of macro viruses
https://bbs.ichunqiu.com/thread-29739-1-2.html
Unmasking the Chimera ransomware
http://www.freebuf.com/articles/system/112142.html
Preliminary analysis of the ZEPTO ransomware
http://www.freebuf.com/articles/system/112328.html
New ransomware: cuteRansomware
http://www.freebuf.com/news/109242.html
Analysis of SkidLocker, ransomware using the AES-256 encryption algorithm
http://www.freebuf.com/articles/terminal/99153.html
Reverse-engineering analysis of the NanoLocker ransomware
http://www.freebuf.com/articles/network/94595.html
Analysis of the new DMA Locker ransomware
http://www.freebuf.com/articles/network/96738.html
Locky ransomware malicious sample analysis, part 2
http://www.ithtw.com/thread-8888.htm
Locky ransomware malicious sample analysis, part 1
http://blog.topsec.com.cn/ad_lab/locky%E5%8B%92%E7%B4%A2%E8%BD%AF%E4%BB%B6%E6%81%B6%E6%84%8F%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90/
IoT security: building a debugging environment (AArch64 edition)
https://bbs.pediy.com/thread-229581.htm
Docker analysis articles
Docker malware analysis series, part I: getting to know Docker
http://blog.sina.com.cn/s/blog_e8e60bc00102vl37.html
Docker malware analysis series, part II: client-side risk analysis
http://blog.sina.com.cn/s/blog_e8e60bc00102vlq7.html
Docker malware analysis series, part III: analyzing APKs and trojan information with viper
http://blog.sina.com.cn/s/blog_e8e60bc00102vm2p.html
Docker malware analysis series, part IV: JS deobfuscation analysis
http://blog.sina.com.cn/s/blog_e8e60bc00102vmwi.html
Docker malware analysis series, part V: ALICTF final challenge design
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr0.html
Docker malware analysis series, part VI: ALICTF final solution approach
http://blog.sina.com.cn/s/blog_e8e60bc00102vnr6.html
Android hardening (app packer) analysis
MalwareVbr
https://0x4954.wordpress.com/2017/12/03/dfir-tips-malwarevbr-vm/
JS obfuscation
http://relentless-coding.org/projects/jsdetox/samples
http://www.freebuf.com/column/157281.html
BitCode
Processon
RTFOBJ
https://www.decalage.info/python/rtfobj
Python
Linux Malware Analyst
http://blog.malwaremustdie.org/2016/11/linux-malware.html
Windows Payload
http://www.freebuf.com/articles/system/156710.html
PowerShell
http://www.freebuf.com/articles/database/101267.html
http://www.freebuf.com/sectool/120675.html
http://www.freebuf.com/sectool/136328.html
http://www.freebuf.com/sectool/144824.html
http://www.freebuf.com/sectool/149835.html
PART 2A: INTRO TO THREAT HUNTING WITH KOLIDE FLEET, OSQUERY, POWERSHELL EMPIRE, AND CALDERA – SETUP ENVIRONMENT
R2
https://sec.xiaomi.com/article/30
Proxmox & Cuckoo
https://4d5a.re/proxmox-cuckoo-a-powerful-combo-for-your-home-malware-lab/
Threat intelligence sites
https://x.threatbook.cn/
https://ti.360.com/
https://www.threatminer.org/
Malicious traffic analysis site
http://www.malware-traffic-analysis.net
Security sites
ML Malware
http://www.covert.io/the-definitive-security-datascience-and-machinelearning-guide/
Kanxue (Pediy) knowledge base
https://www.kanxue.com/chm.htm
.NET reverse engineering
https://www.anquanke.com/post/id/89730
https://www.anquanke.com/post/id/90174
Virtual machine detection techniques: attack and defense
http://blog.csdn.net/whatday/article/details/10393325
x86_64 Reverse-Engineering
https://leotindall.com/tutorial/an-intro-to-x86_64-reverse-engineering/
Unpacking Shade Ransomware
https://secrary.com/ReversingMalware/UnpackingShade/
DDoS
https://www.secpulse.com/archives/64088.html
https://www.secpulse.com/archives/65477.html
Android .so libraries
https://bbs.pediy.com/thread-221965.htm
VMWare
https://remnux.org/docs/distro/tools/
MalwareCookBook
https://github.com/mgoffin/malwarecookbook
Malware Analyst Research Toolkit
https://github.com/mboman/mart
SSMA - Simple Static Malware Analyzer
https://github.com/secrary/SSMA
Malicious traffic detection system
https://github.com/stamparm/maltrail
Collection of android malware samples - Android Samples
https://github.com/ashishb/android-malware
Malware Source
https://github.com/Chiggins/malware_sources
List of awesome malware analysis tools and resources
https://github.com/wtsxDev/Malware-Analysis
A collection of OSX and iOS security resources
https://github.com/kai5263499/osx-security-awesome
Malware
https://github.com/0xBADBAC0N/malware
ARM Emulate
https://salmanarif.bitbucket.io/visual/downloads.html
Static and automated/dynamic malware analysis
https://github.com/abdesslem/malwareHunter
Rootkits | Backdoors | Sniffers | Virus | Ransomware | Steganography | Cryptography | Shellcodes | Webshells | Keylogger | Botnets | Worms | Other Network Tools
https://github.com/vduddu/Malware
Malware Classifier From Network Captures
https://github.com/adulau/MalwareClassifier
Collection of scripts for different malware analysis tasks
https://github.com/deadbits/malware-analysis-scripts
POC Android Malware Ransomware/Recon
https://github.com/tfairane/AndroMalware
Repository containing Yara rules, indicators and tools from PhishMe Research
https://github.com/phishme/malware_analysis
Binaries for the book Practical Malware Analysis
https://github.com/mikesiko/PracticalMalwareAnalysis-Labs
Android Malware
https://github.com/virqdroid/Android_Malware
Malware Behavior Analyzer
https://github.com/GlacierW/MBA
Debian packaging of Linux Malware Detect
https://github.com/waja/maldetect
Scanning and identifying XOR encrypted PE files in PE resources
https://github.com/edix/MalwareResourceScanner
Windows Malware Rootkit
https://github.com/csurage/Rootkit
Malware static analysis framework
https://github.com/KoreLogicSecurity/mastiff
Harmless Android malware using the overlay technique to steal user credentials.
https://github.com/geeksonsecurity/android-overlay-malware-example
My personal Automated Malware Analysis Sandboxes and Services
https://github.com/ironbits/Automated-Malware-Analysis-List
Collection of almost 40,000 JavaScript malware samples
https://github.com/HynekPetrak/javascript-malware-collection
Code for Deep Android Malware Detection paper
https://github.com/niallmcl/Deep-Android-Malware-Detection
Various scripts for different malware families
https://github.com/sysopfb/Malware_Scripts
iOS malware samples
https://github.com/ashishb/ios-malware
An Android Eclipse project demonstrating how to build a simple anti-malware application
https://github.com/twitter-university/AntiMalware
VMWare
https://app.vagrantup.com/boxes/search
Windows Resource Download
Vulnhub
Windbg XP
http://blog.csdn.net/jiangdf/article/details/6843088
360 reports
http://blogs.360.cn/blog/category/%E7%97%85%E6%AF%92%E5%88%86%E6%9E%90/
Ransomware
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-1st-2017-decryptors-btcware-and-more/
https://id-ransomware.malwarehunterteam.com/
IoT door lock
https://larry.ngrep.me/2018/11/24/ble-sec-hackmelock/
VirtualKD
http://virtualkd.sysprogs.org/download/
OFFICE MALWARE/EXPLOIT
https://github.com/Screetsec/Microsploit
https://remnux.org/
https://r3mrum.wordpress.com/2017/06/29/analyzing-malicious-password-protected-office-documents/
https://dfir.it/blog/2015/06/17/analysts-handbook-analyzing-weaponized-documents/
https://zeltser.com/analyzing-malicious-documents/
https://www.shellntel.com/blog/2016/9/13/luckystrike-a-database-backed-evil-macro-generator
https://www.blackhillsinfosec.com/hide-payload-ms-office-document-properties/
https://securityoversimplicity.wordpress.com/2017/11/23/not-all-she-wrote-part-3-rigged-rtf-documents/
http://www.sdkhere.com/2017/12/analysis-of-file-spider-ransomware.html
https://pentestlab.blog/2017/12/15/microsoft-office-payloads-in-document-properties/
http://blog.51cto.com/antivirusjo/2054410
http://www.freebuf.com/vuls/159789.html
http://blog.safedog.cn/?p=1519
http://blog.safedog.cn/?p=2209
https://spreadsecurity.github.io/2016/08/14/macro-malware-analysis.html
http://sites.utexas.edu/iso/2016/07/08/reverse-engineering-a-malicious-ms-word-document/
http://www.freebuf.com/articles/terminal/74921.html
https://www.anquanke.com/post/id/84105
https://countuponsecurity.com/2014/09/22/malicious-documents-pdf-analysis-in-5-steps/
https://countuponsecurity.com/2014/10/24/malicious-documents-word-with-vba-and-powershell/
https://www.cert-ist.com/public/en/SO_detail?code=malicious_pdf
http://netsecurity.51cto.com/art/200907/138668.htm
https://blog.didierstevens.com/category/pdf/
http://www.itbaby.me/blog/59f7ea965d21b31fcd4e2037
https://zeltser.com/media/docs/analyzing-malicious-document-files.pdf
Linux x86 Exploit
https://bbs.pediy.com/user-507717-1.htm
Malware Samples
http://contagiodump.blogspot.com/
http://dasmalwerk.eu/
http://www.freetrojanbotnet.com/
https://malshare.com/
http://www.kernelmode.info/forum/viewforum.php?f=16
https://avcaesar.malware.lu/
http://www.malwareblacklist.com/showMDL.php
http://thezoo.morirt.com/
https://malwr.com/
http://openmalware.org/
http://www.virusign.com/
https://virusshare.com/
Free Automated Malware Analysis Sandboxes and Services
https://zeltser.com/automated-malware-analysis/
Free Online Tools for Looking up Potentially Malicious Websites
https://zeltser.com/lookup-malicious-websites/
APT Sample
https://contagiodump.blogspot.com/2017/02/russian-apt-apt28-collection-of-samples.html
CVE
CVE-2010-3333
http://blog.csdn.net/qq_32400847/article/details/70225519
https://wenku.baidu.com/view/11fd094384254b35effd3480.html
https://www.52pojie.cn/thread-290299-1-1.html
https://bbs.pediy.com/thread-158078.htm
CVE-2017-11882
http://bobao.360.cn/learning/detail/4734.html
CVE-2017-11826
https://blog.fortinet.com/2017/11/22/cve-2017-11826-exploited-in-the-wild-with-politically-themed-rtf-document
malware source
https://github.com/gbrindisi/malware
https://github.com/kaiserfarrell/malware
https://github.com/terrorisst/Malware
https://github.com/fdiskyou/malware
https://github.com/c633/malwaRE
https://github.com/DanielRTeixeira/Malware
https://github.com/nikicat/web-malware-collection
https://github.com/faber03/AndroidMalwareEvaluatingTools
https://github.com/gasgas4/Leaked_Malware_SourceCode
https://github.com/ashishb/android-malware
https://github.com/infosecguerrilla/LinuxMalwareSourceCode
https://github.com/tfairane/AndroMalware
https://github.com/infosecguerrilla/WindowsMalwareSourceCode
https://github.com/csurage/Rootkit
https://github.com/adi0x90/POC-Android-Malware
https://github.com/cheverebe/Android-malware
https://github.com/ispoleet/malware
https://github.com/bakely/malware
https://github.com/K1rky/Malware
https://github.com/Screetsec/TheFatRat
https://github.com/asudhak/Android-Malware
https://github.com/Xyl2k/Malware-Auto-Downloader
https://github.com/slydon/malware_tools
https://github.com/Mi3Security/su-a-cyder
https://github.com/pandazheng/POC-Android-Malware-files
https://github.com/eset/malware-research
https://github.com/m0nad/Diamorphine
https://github.com/a7vinx/liinux
auto script
https://github.com/znb/Malware
https://github.com/arbor-jjones/malware
https://github.com/samvartaka/malware
https://github.com/John-Lin/malware
https://github.com/PythonWebScrapingMalware/Malware
https://github.com/sroberts/malwarehouse
https://github.com/SpiderLabs/malware-analysis
https://github.com/hasherezade/malware_analysis
https://github.com/tomchop/malcom
https://github.com/JustF0rWork/malware
https://github.com/seifreed/malware-scripts
https://github.com/andrew-morris/stupid_malware
https://github.com/abdesslem/malwareHunter
https://github.com/dchad/malware-detection
https://github.com/bindog/ToyMalwareClassification
https://github.com/svent/jsdetox
https://github.com/Googulator/TeslaCrack
https://github.com/KoreLogicSecurity/mastiff
https://github.com/adobe-security/Malware-classifier
https://github.com/PaloAltoNetworks/WireLurkerDetector
https://github.com/necst/aamo
https://github.com/maltelligence/maltelligence
https://github.com/mwleeds/android-malware-analysis
https://github.com/trendmicro/aleph
https://github.com/idanr1986/cuckoo-droid
https://github.com/MalwareLu/tools
https://github.com/hgascon/adagio
https://github.com/rieck/malheur
https://github.com/dcmorton/MalwareTools
https://github.com/ispoleet/malware
https://github.com/Dynetics/Malfunction
https://github.com/tiago4orion/malelf
https://github.com/lbull/malware-collector
https://github.com/sysopfb/Malware_Scripts
https://github.com/deadbits/malware-analysis-scripts
https://github.com/tuomao/android_malware_detection
https://github.com/aim4r/VolDiff
https://github.com/VT-Magnum-Research/antimalware
https://github.com/devwerks/Static-Malware-Analyses
https://github.com/guelfoweb/peframe
https://github.com/nheijmans/malzoo
https://github.com/neriberto/hg
https://github.com/mboman/mart
https://github.com/CSIRTUK/Malware-Tools
https://github.com/0x71/cuckoo-linux
https://github.com/bunseokbot/androtools
https://github.com/psdeshpande/MalwareDetection
https://github.com/sibichakkaravarthy/Malware-Analysis
https://github.com/2015-10-10/MalwareClassification
https://github.com/pfohjo/nitro
https://github.com/researcherGeekLab/AMIV
https://github.com/Te-k/malware-classification
https://github.com/lanninghuanxue/DroidJ
https://github.com/CvvT/AppTroy
https://github.com/monnappa22/Limon
https://github.com/androguard/androguard
https://github.com/sh4hin/Androl4b
https://github.com/jnferguson/entropyDeviation
Course Book
https://github.com/RPISEC/Malware
https://github.com/rshipp/awesome-malware-analysis
https://github.com/mgoffin/malwarecookbook
https://github.com/MISP/MISP
https://github.com/wyyqyl/MalwareAnalysis
https://github.com/secmobi/amatutor
https://github.com/pandazheng/amatutor
AntiMalware Software
https://github.com/twitter-university/AntiMalware
https://github.com/ssesha/MalwareScanner
https://github.com/acprimer/MalwareDetector
https://github.com/kapilkchaurasia/Behavior-Based-Malware-Detection-System-for-Android
Samples
https://github.com/ashishb/ios-malware
APT
https://github.com/hfiref0x/CVE-2015-1701
https://github.com/michael-yip/APTMalwareNotes
https://github.com/abzcoding/aptdetector
https://github.com/harsh2602/APT-Detection-Via-Graph-Analytics
https://github.com/Tryan18/XCOM
https://github.com/aroradhruv03/APThreatDetectionSys
https://github.com/tobypinder/ludumdare32
https://github.com/hslatman/awesome-threat-intelligence
https://github.com/peterfelfer/AtomProbeTutorials
Tools
https://sourceforge.net/projects/remnux/files/
https://remnux.org/docs/distro/tools/
Online diagramming tools
https://www.processon.com/
http://www.xmindchina.net/
Unpacking and reverse engineering
https://tuts4you.com
http://www.woodmann.com/
https://bbs.pediy.com/thread-224537.htm
https://bbs.pediy.com/thread-196797.htm