MHN - MHN is a centralized server for management and data collection of honeypots. MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface.

Mnemosyne - A normalizer for honeypot data; supports Dionaea.

Thug - Low interaction honeyclient, for investigating malicious websites.

Malware CorporaMalware samples collected for analysis.

Clean MX - Realtime database of malware and malicious domains.

Contagio - A collection of recent malware samples and analyses.

Exploit Database - Exploit and shellcode samples.

Infosec - CERT-PA - Malware samples collection and analysis.

InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.

Javascript Mallware Collection - Collection of almost 40.000 javascript malware samples

Malpedia - A resource providing rapid identification and actionable context for malware investigations.

Malshare - Large repository of malware actively scrapped from malicious sites.

Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities

theZoo - Live malware samples for analysts.

Tracker h3x - Agregator for malware corpus tracker and malicious download sites.

vduddu malware repo - Collection of various malware files and source code.

VirusBay - Community-Based malware repository and social network.

ViruSign - Malware database that detected by many anti malware programs except ClamAV.

VirusShare - Malware repository, registration required.

VX Vault - Active collection of malware samples.

Zeltser's Sources - A list

Awesome Malware Analysis

A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php.

Malware Collection
Open Source Threat Intelligence
- Tools
- Other Resources
Detection and Classification
Online Scanners and Sandboxes
Domain Analysis
Browser Malware
Documents and Shellcode
File Carving
Deobfuscation
Debugging and Reverse Engineering
Network
Memory Forensics
Windows Artifacts
Storage and Workflow
Miscellaneous
Resources
- Books
- Other
Related Awesome Lists
Contributing
Thanks

View Chinese translation: 恶意软件分析大合集.md.

Malware Collection

Anonymizers

Web traffic anonymizers for analysts.

Anonymouse.org - A free, web based anonymizer.
OpenVPN - VPN software and hosting solutions.
Privoxy - An open source proxy server with some privacy features.
Tor - The Onion Router, for browsing the web without leaving traces of the client IP.

Honeypots

Trap and collect your own samples.

Conpot - ICS/SCADA honeypot.
Cowrie - SSH honeypot, based on Kippo.
DemoHunter - Low interaction Distributed Honeypots.
Dionaea - Honeypot designed to trap malware.
Glastopf - Web application honeypot.
Honeyd - Create a virtual honeynet.
HoneyDrive - Honeypot bundle Linux distro.
Honeytrap - Opensource system for running, monitoring and managing honeypots.
MHN - MHN is a centralized server for management and data collection of honeypots. MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface.
Mnemosyne - A normalizer for honeypot data; supports Dionaea.
Thug - Low interaction honeyclient, for investigating malicious websites.

Malware Corpora

Malware samples collected for analysis.

Clean MX - Realtime database of malware and malicious domains.
Contagio - A collection of recent malware samples and analyses.
Exploit Database - Exploit and shellcode samples.
Infosec - CERT-PA - Malware samples collection and analysis.
InQuest Labs - Evergrowing searchable corpus of malicious Microsoft documents.
Javascript Mallware Collection - Collection of almost 40.000 javascript malware samples
Malpedia - A resource providing rapid identification and actionable context for malware investigations.
Malshare - Large repository of malware actively scrapped from malicious sites.
Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities
theZoo - Live malware samples for analysts.
Tracker h3x - Agregator for malware corpus tracker and malicious download sites.
vduddu malware repo - Collection of various malware files and source code.
VirusBay - Community-Based malware repository and social network.
ViruSign - Malware database that detected by many anti malware programs except ClamAV.
VirusShare - Malware repository, registration required.
VX Vault - Active collection of malware samples.
Zeltser's Sources - A list