theZoo purpose is to allow the study of malware and enable people who are interested in malware analysis to have access to live malware, analyses the ways they operate, and maybe even enable advanced and savvy people to block specific malware within their own environment.
We recommend running them in a VM which has no internet connection (or an internal virtual network if you must) and without guest additions or any equivalents. Some of them are worms and will automatically try to spread out. Running them unconstrained means that you will infect yourself or others with vicious and dangerous malware.
The conf folder holds files relevant to the particular running of the program but are not part of the application. You can find the EULA file in the conf and more.
Contains .py and .pyc import files used by the rest of the application
The actual malwares samples.
Malware source code.
Also Read UploadScanner : HTTP file upload scanner for Burp Proxy
Each directory is composed of 4 files:
maldb.db is the DB which theZoo is acting upon to find malware indexed on your drive. The structure is as follows:
uid,location,type,name,version,author,language,date,architecture,platform,comments,tags
An example line will look as follow:
104,Source/Original/Dexter,trojan,Dexter,2,unknown,c,00/05/2013,x86,win32,NULL,Source
Get the file you want to submit and just run python prep_file.py file_tosubmit.exe
. It will create a directory for you. Then just submit that along with the changes to the conf/maldb.db
so that we know which malware it is.
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…