Defund the Police.

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including screenshots.

A collection of malware samples caught by several honeypots i manage

Malware samples, analysis exercises and other interesting resources.

A repository full of malware samples.

Collection of android malware samples

Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from: http://www.malwaretech.com

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

Collection of almost 40.000 javascript malware samples

This repository contains sample programs that mimick behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.

Malware Sample Sources

Malware sample library.

A large repository of malware samples with 2500+ malware samples & source codes for a variety of platforms by Cryptware Apps.

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. Also, launchers are totally anti-copy and naturally broken when got submitted.

For educational purposes only, samples of ransomware/wiper trojans including screenshots/ransom-notes.

Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.

Malware repository component for samples & static configuration with REST API interface.

APT Malware Dataset Containing over 3,500 State-Sponsored Malware Samples

Bringing you the best of the worst files on the Internet.

Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code

ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability.

Small collection of Ransomware organized by family.

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

Malware samples for analysis, researchers, anti-virus and system protection testing (1600+ Malware-samples!).

A collection of malware families and malware samples which use the Rust programming language.

Linux Malware Sample Archive including various types of malicious ELF binaries and viruses. Be careful!

Anomaly based Malware Detection using Machine Learning (PE and URL)