This repository is one of a few malware collections on the GitHub.

Related tags

Security related resourcesMalwareDatabase
Overview

Malware Database

Disclaimer

This repository is one of the few malware collections on GitHub. Almost every sample here is malicious so I strongly recommend you to neither open these files on real hardware, nor misuse the malware to prank your friends. Playing with these samples may lead to irreversible consequences which may affect anything from personal data to passwords and banking information.

I am not responsible for any damage caused by the malware inside my repository and your negligence in general.

Table of contents

  1. Introduction
  2. Contributors
  3. About
  4. FAQ

Introduction

Most of people say: "Malware isn't a toy to play with!", however, I don't hold such an opinion. Malware is fun, if you know how to play with it! 😉 In my opinion, people who think opposite are gloomy and tedious or just afraid of it. Nonetheless, I still DO NOT recommend you using malware for your personal needs and benefits. If you want to ask any type of questions (e. g. Archive password doesn't match; Provided malware doesn't work! etc.) use the "Issues" tab. Also here are the steps if you want to support me and my repository!

Any type of support will be highly appreciated!

Contributors

This is a list of people who really helped me (excluding myself):

About

My malware repository isn't excellent, however, I am trying my best to convince you 😄

About

Password

The password for all archives is mysubsarethebest!

Percentage

Here is a table of approximate percentage ratio of malware in my repository.

Malware type Percentage
Rogue (Fraud) 40%
Joke 35%
Trojan 10%
Ransomware 10%
Self-made / Viewer-made 5%

FAQ

Here you can find answers to frequently asked questions. This may be helpful!

Q: What is the password for the archive I've downloaded?
A: It is mysubsarethebest... Read the description carefully!

Q: I know I didn't misspell the password for the archive, however it STILL won't unlock. What do I do?
A: Check for the mistakes again, if it doesn't help then create an issue, I will reupload the one you're struggling with. Mistakes can happen!

Q: I can't find the sample I need which you reviewed on your channel, why?
A: I am happy to announce the malware series are back, although I cannot guarantee the presence of every sample reviewed on my channel. Create an issue if you don't find a sample you really want, I (or my moderator) will help you shortly after. But please, please don't spam with your requests in issues. Send them to my mailbox. (mentioned in the 4th question)

Q: Can I contribute to your malware database? If yes, how?
A: Yes, of course you can. You can send your malware (no batch or bat2exe files, please) to my mailbox! ([email protected]) Only the best of the best will be reviewed and put here.

Endermanch, 2020

Owner
Andrew
I'm just a youtuber :)
Andrew
GitHub Repository https://malwat.ch
DNSSEQ: PowerDNS with FALCON Signature Scheme

PowerDNS-based proof-of-concept implementation of DNSSEC using the post-quantum FALCON signature scheme.

Nils Wisiol 4 Feb 03, 2022
IDA Frida Plugin for tracing something interesting.

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

PandaOS 133 Dec 24, 2022
Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

Amino, Inc 140 Dec 16, 2022
Detection tool of malware(s) by checksum (useful for forensic)

🐍 malware_checker.py Detection tool of malware(s) by checksum (useful for forensic) 📦 Dependencies installation $ pip3 install -r requirements.txt

Fayred 1 Jan 30, 2022
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability.

log4shell-poc-py POC for detecting the Log4Shell (Log4J RCE) vulnerability. Run on a system with python3 python3 log4shell-poc.py pathToTargetFile

BCC Risk Advisory 2 Dec 22, 2021
com_media allowed paths that are not intended for image uploads to RCE

CVE-2021-23132 com_media allowed paths that are not intended for image uploads to RCE. CVE-2020-24597 Directory traversal in com_media to RCE Two CVEs

KIEN HOANG 67 Nov 09, 2022
Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384

CVE-2021-45383 & CVE-2021-45384 There are several network-layer vulnerabilities in the official server of Minecraft: Bedrock Edition (aka Bedrock Serv

20 Apr 07, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
Phoenix Framework is an environment for writing, testing and using exploit code.

Phoenix-Framework Phoenix Framework is an environment for writing, testing and using exploit code. 🖼 Screenshots 🎪 Community PwnWiki Forums 🔑 Licen

Felix 42 Aug 09, 2022
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmdump is the

mitmproxy 29.7k Jan 04, 2023
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be

Binary Defense 144 Nov 19, 2022
It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

Mr. Cl0wn - H4ck1ng C0d3r 56 Dec 27, 2022
Automatically download all 10,000 CryptoPunk NFTs.

CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where

Dan 7 Oct 22, 2022
Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

pat_h/to/file 2 May 06, 2022
Automatically fetch, measure, and merge subscription links on the network, use Github Action

Free Node Merge Introduction Modified from alanbobs999/TopFreeProxies It measures the speed of free nodes on the network and import the stable and hig

52 Jul 16, 2022
Separate handling of protected media in Django, with X-Sendfile support

Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t

Cobus Carstens 46 Nov 12, 2022
Bug Alert: a service for alerting security and IT professionals of high-impact and 0day vulnerabilities

Bug Alert Bug Alert is a service for alerting security and IT professionals of h

BugAlert.org 208 Dec 15, 2022
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Md. Nur habib 31 Oct 21, 2022
Extendable payload obfuscation and delivery framework

NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently

123 Dec 19, 2022