├── .github └── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── README.md ├── bootstrap.sh ├── config └── malzoo.conf.dist ├── data ├── userdb.txt └── yara_rules │ ├── APT_NGO_wuaclt_PDF.yara │ ├── Cryptolocker.yara │ ├── GeorBotBinary.yara │ ├── GeorBotMemory.yara │ ├── MMC_d.yara │ ├── XweberInstall.yara │ ├── apt1.yara │ ├── dridex.yar │ ├── embedded.yara │ ├── filetypes.yara │ ├── fpu.yara │ ├── hangover.yara │ ├── index.yara │ ├── kins.yara │ ├── leverage.yar │ ├── rats.yara │ ├── themask.yara │ ├── unwanted.yara │ ├── urausy_skypedat.yar │ └── vmdetect.yara ├── docker ├── Dockerfile └── env.list ├── env.list ├── malzoo.py ├── malzoo ├── __init__.py ├── common │ ├── __init__.py │ └── abstract.py ├── core │ ├── __init__.py │ ├── services │ │ ├── __init__.py │ │ ├── apis.py │ │ └── distributor.py │ ├── suppliers │ │ ├── __init__.py │ │ ├── api.py │ │ ├── imap.py │ │ └── monitor.py │ ├── tools │ │ ├── __init__.py │ │ ├── activedirectory.py │ │ ├── database.py │ │ ├── emailtoolkit.py │ │ ├── es.py │ │ ├── general_info.py │ │ ├── hashes.py │ │ ├── logger.py │ │ ├── pe.py │ │ ├── pehash.py │ │ ├── saveobject.py │ │ ├── signatures.py │ │ ├── splunk.py │ │ ├── storager.py │ │ ├── strings.py │ │ └── urlextractor.py │ └── workers │ │ ├── __init__.py │ │ ├── docworker.py │ │ ├── emailworker.py │ │ ├── moduleworker.py │ │ ├── otherworker.py │ │ ├── peworker.py │ │ └── zipworker.py └── modules │ ├── __init__.py │ ├── cuckoo.py │ └── virustotal.py └── requirements.txt /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/.github/ISSUE_TEMPLATE/bug_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/.github/ISSUE_TEMPLATE/feature_request.md -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/.gitignore -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/README.md -------------------------------------------------------------------------------- /bootstrap.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/bootstrap.sh -------------------------------------------------------------------------------- /config/malzoo.conf.dist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/config/malzoo.conf.dist -------------------------------------------------------------------------------- /data/userdb.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/userdb.txt -------------------------------------------------------------------------------- /data/yara_rules/APT_NGO_wuaclt_PDF.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/APT_NGO_wuaclt_PDF.yara -------------------------------------------------------------------------------- /data/yara_rules/Cryptolocker.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/Cryptolocker.yara -------------------------------------------------------------------------------- /data/yara_rules/GeorBotBinary.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/GeorBotBinary.yara -------------------------------------------------------------------------------- /data/yara_rules/GeorBotMemory.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/GeorBotMemory.yara -------------------------------------------------------------------------------- /data/yara_rules/MMC_d.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/MMC_d.yara -------------------------------------------------------------------------------- /data/yara_rules/XweberInstall.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/XweberInstall.yara -------------------------------------------------------------------------------- /data/yara_rules/apt1.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/apt1.yara -------------------------------------------------------------------------------- /data/yara_rules/dridex.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/dridex.yar -------------------------------------------------------------------------------- /data/yara_rules/embedded.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/embedded.yara -------------------------------------------------------------------------------- /data/yara_rules/filetypes.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/filetypes.yara -------------------------------------------------------------------------------- /data/yara_rules/fpu.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/fpu.yara -------------------------------------------------------------------------------- /data/yara_rules/hangover.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/hangover.yara -------------------------------------------------------------------------------- /data/yara_rules/index.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/index.yara -------------------------------------------------------------------------------- /data/yara_rules/kins.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/kins.yara -------------------------------------------------------------------------------- /data/yara_rules/leverage.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/leverage.yar -------------------------------------------------------------------------------- /data/yara_rules/rats.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/rats.yara -------------------------------------------------------------------------------- /data/yara_rules/themask.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/themask.yara -------------------------------------------------------------------------------- /data/yara_rules/unwanted.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/unwanted.yara -------------------------------------------------------------------------------- /data/yara_rules/urausy_skypedat.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/urausy_skypedat.yar -------------------------------------------------------------------------------- /data/yara_rules/vmdetect.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/data/yara_rules/vmdetect.yara -------------------------------------------------------------------------------- /docker/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/docker/Dockerfile -------------------------------------------------------------------------------- /docker/env.list: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/docker/env.list -------------------------------------------------------------------------------- /env.list: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/env.list -------------------------------------------------------------------------------- /malzoo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo.py -------------------------------------------------------------------------------- /malzoo/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/common/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/common/abstract.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/common/abstract.py -------------------------------------------------------------------------------- /malzoo/core/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/core/services/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/core/services/apis.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/services/apis.py -------------------------------------------------------------------------------- /malzoo/core/services/distributor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/services/distributor.py -------------------------------------------------------------------------------- /malzoo/core/suppliers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/core/suppliers/api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/suppliers/api.py -------------------------------------------------------------------------------- /malzoo/core/suppliers/imap.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/suppliers/imap.py -------------------------------------------------------------------------------- /malzoo/core/suppliers/monitor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/suppliers/monitor.py -------------------------------------------------------------------------------- /malzoo/core/tools/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/core/tools/activedirectory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/activedirectory.py -------------------------------------------------------------------------------- /malzoo/core/tools/database.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/database.py -------------------------------------------------------------------------------- /malzoo/core/tools/emailtoolkit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/emailtoolkit.py -------------------------------------------------------------------------------- /malzoo/core/tools/es.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/es.py -------------------------------------------------------------------------------- /malzoo/core/tools/general_info.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/general_info.py -------------------------------------------------------------------------------- /malzoo/core/tools/hashes.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/hashes.py -------------------------------------------------------------------------------- /malzoo/core/tools/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/logger.py -------------------------------------------------------------------------------- /malzoo/core/tools/pe.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/pe.py -------------------------------------------------------------------------------- /malzoo/core/tools/pehash.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/pehash.py -------------------------------------------------------------------------------- /malzoo/core/tools/saveobject.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/saveobject.py -------------------------------------------------------------------------------- /malzoo/core/tools/signatures.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/signatures.py -------------------------------------------------------------------------------- /malzoo/core/tools/splunk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/splunk.py -------------------------------------------------------------------------------- /malzoo/core/tools/storager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/storager.py -------------------------------------------------------------------------------- /malzoo/core/tools/strings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/strings.py -------------------------------------------------------------------------------- /malzoo/core/tools/urlextractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/tools/urlextractor.py -------------------------------------------------------------------------------- /malzoo/core/workers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/core/workers/docworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/docworker.py -------------------------------------------------------------------------------- /malzoo/core/workers/emailworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/emailworker.py -------------------------------------------------------------------------------- /malzoo/core/workers/moduleworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/moduleworker.py -------------------------------------------------------------------------------- /malzoo/core/workers/otherworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/otherworker.py -------------------------------------------------------------------------------- /malzoo/core/workers/peworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/peworker.py -------------------------------------------------------------------------------- /malzoo/core/workers/zipworker.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/core/workers/zipworker.py -------------------------------------------------------------------------------- /malzoo/modules/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /malzoo/modules/cuckoo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/modules/cuckoo.py -------------------------------------------------------------------------------- /malzoo/modules/virustotal.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/malzoo/modules/virustotal.py -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nheijmans/malzoo/HEAD/requirements.txt --------------------------------------------------------------------------------