ROPGenerator is a tool that helps you build ROP exploits by finding gadgets and chaining them together.
https://github.com/Boyan-MILANOV/ropgenerator
Debugging Windows Services For Malware Analysis / Reverse Engineering
https://secrary.com/Random/WindowsServiceDebugging/
SMUC: Simplified MITRE Use Cases, describing both the attack and its detection for each case.
https://github.com/karemfaisal/SMUC
Get a reverse shell within 15 seconds on both Windows and Unix-based systems, using the Digispark development board.
https://github.com/HassanShehata/KeySpark
HiddenWasp Malware Stings Targeted Linux Systems
https://www.intezer.com/blog-hiddenwasp-malware-targeting-linux-systems/
Analysis of New Agent Tesla Spyware Variant
https://www.fortinet.com/blog/threat-research/analysis-of-new-agent-tesla-spyware-variant.html
Forwarded from Itay Cohen
Hi everyone! We are so happy to announce that we finally implemented a debugger in Cutter! 🎉
The beta version of the debugger is available NOW on the Master branch so you can build the recent version of Cutter or download the precompiled executable from Appveyor (if you're on Windows).
We will release the debugger officially in about a week; until then we are looking forward to your feedback, so please make sure to try it and report any issues or feature requests you have to us. 🍻
https://github.com/radareorg/cutter
AgentTesla: Deep analysis of a visual basic spyware Trojan
https://www.reb311ion.com/MalwareAnalysisReports/AgentTesla/
deReferencing is an IDA Pro plugin that implements new registers and stack views. Adds dereferenced pointers, colors and other useful information, similar to some GDB plugins (e.g: PEDA, GEF, pwndbg, etc).
Supports the following architectures: x86, x86-64, ARM, ARM64, MIPS32 and MIPS64.
https://github.com/danigargu/deREferencing
Python-Based Malware Uses NSA Exploit to Propagate Monero (XMR) Miner
https://www.fortinet.com/blog/threat-research/python-based-malware-uses-nsa-exploit-to-propagate-monero--xmr--.html
Recently, FortiGuard Labs uncovered a new python-based cryptocurrency mining malware that uses the ETERNALROMANCE exploit, that we have dubbed “PyRoMine.” In this article, I provide an analysis of …
DbgChild is a stand-alone tool for debugging child processes (auto attach).
https://github.com/David-Reguera-Garcia-Dreg/DbgChild
abuse.ch is operated by a random Swiss guy fighting malware on a non-profit basis,
running a couple of projects that help internet service providers and network operators protect
their infrastructure from malware. IT-security researchers, vendors and law enforcement agencies rely
on data from abuse.ch to help make the internet a safer place.
https://abuse.ch
UNPACME is an automated malware unpacking service. Submissions to UNPACME are analyzed using a set of custom unpacking processes maintained by OpenAnalysis. These processes extract all encrypted or packed payloads from the submission and return a unique set of payloads to the user. In short, UNPACME automates the first step in your malware analysis process.
https://www.unpac.me/
Squalr is performant memory-editing software that lets users create and share cheats for their Windows desktop games. This includes memory scanning, pointer scanning, x86/x64 assembly injection, and more.
https://github.com/Squalr/Squalr