Anti-Malware Courses Online

About

Fire Tool is a simple and easy to use anti malware and fix the remains of an malware atack application designed with a Process viewer .

About

Antivirus software with virus scanning and virus definition updates

Free Antivirus software for Windows, using the well-respected ClamAV scanning engine. Includes virus scanner, scheduler, virus database updates, context menu integration to MS Windows Explorer, and Add-in to MS Outlook. Also features an easy setup program.

About

Cuckoo Sandbox is for automated analysis of malware

Cuckoo Sandbox uses components to monitor the behavior of malware in a Sandbox environment; isolated from the rest of the system. It offers automated analysis of any malicious file on Windows, Linux, macOS, and Android.

About

A Linux Toolkit for Malware Analysis

REMnux® is a Linux toolkit for reverse-engineering and analyzing malicious software. REMnux provides a curated collection of free tools created by the community. Analysts can use it to investigate malware without having to find, install, and configure the tools.

About

Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.

About

V2.0-Unhides folder or files, and removes malicious scripts from USB Drive

It is a USB Malware Cleaner. This is a small tool that removes malicious scripts created by viruses or malware, unhides folders and files, deletes all shortcuts from the selected drives. Also disables autorun completely and provides an option to enable registry, folder options, and task manager. 

About

Control which folders programs can be run from.

A software policy makes a powerful addition to Microsoft Windows' malware protection. In particular, it is more effective against ransomware than traditional approaches to security. If you know about the Linux 'execute permission' bit then you'll understand what this is for. The mode of operation is somewhat different in that execute permission is granted to folders and subfolders rather than individual files, but the intention is the same, to stop undesirable or unknown software from launching. Additionally, it is possible to specify that certain executables (typically browsers and email clients) are run with reduced rights. This is a valuable damage-limitation measure against browser plugin vulns, etc. The protection can be turned off without a reboot whilst installing legitimate software, and will automatically reactivate after a specified time

About

Cloud antivirus scanner based on machine detection

Treater Anti-Virus is a free portable anti-virus on demand scanner which does not require the installation and updates of signatures. The application is able to detect and neutralize threats not found by the main protection program, such as Trojans, Ransomware, Worms, Dialers, Adware, Riskware, Pornware, SMS Blocks, etc. The utility does not require installation and can be launched from removable USB/CD drives as a "resuscitator" tool to unlock the computer. During the development, the interface requirements were taken into account, which has an intuitive structure and light colors in the Metro style. Different verification options By default, the antivirus program has the most possible settings and will scan all dangerous and critical system directories that are prone to infection. Unknown objects will be filtered out, and then they will be loaded into the cloud for further analysis. The analysis of the transferred files is carried out with our own original development "COGA"

About

Powered by the same engine as the world famous Retina Network Scanner

Powered by the same engine as the Retina Network Security Scanner, Retina Community is a completely free security scanner for up to 128 IPs. Use it to scan servers, desktops - any networked device - for security flaws, and learn how to fix them. New: Now, you can scan virtual applications, deployed via VMware ThinApp, for flaws as well. This is a new industry development, completely unique to eEye.

About

sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks very visible (files,open ports). Built in reply to and very succesful in finding real-world break-ins.

About

Hosting exploit/backdoor detection daemon.It's written in python , and uses inotify (pyinotify) to monitor file system activity.It checks files smaller then some size,compares their md5sum and hex signatures against DBs with known exploits/backdoor.

About

Blocking and monitoring of network traffic based on geography.

Geo Firewall performs blocking of network traffic based on geography (geo IP), allows to add custom subnets, allows exceptions on ports for incoming traffic for specific geography, keeps visual and persistent logs, shows statistics, automatically updates geographical database.

About

Open Source SCADA Security Evaluation Tool

Modbus traffic generator is a tool written in Python, and uses Scapy libraries to evaluate the effectiveness of SCADA security solutions. The tool generates Modbus/TCP packets, where the characteristics of these packets are extracted from Snort NIDS Modbus rules. The generated packets trigger related alerts in Snort NIDS. It is useful to anybody interested in evaluating and testing their SCADA security solution or other people solutions. Requirements: * Python 2.x or higher * Scapy * Snort NIDS (within the network)

About

EyeSpy is a is a PC/Windows based internet monitoring and visualization tool. It will scan and summarize all online activity, and display a realtime, interactive map showing the geographic location of all endpoints communicating online.

About

Tool to detect malware activity on a system.

Killtrojan Syslog is a free application to create a report about characteristics of the system to further analyze and look for signs of malware, also is intended to put the report in a specialized forum for users to help. The tool has a very intuitive and easy to use for non-technical users to create their reports. Also useful for more advanced users who want to analyze a computer. With the support logs with BBCode mode, you can paste the log generated in any forum (SMF, PHPBB, Invision ...) which will be detailed with clear colors for your reading.

About

Manage your Snort rules with N.S.M.

N.S.M Lite is a simple and easy way to manage your signatures for your Snort based IDS/IPS implementation, which can improve IDS/IPS signature development for accurate detection of malicious malware. Additionally, N.S.M can be used a learning tool to help you understand the complex nature of Intrusion Detection and/or Prevention (IDP) signatures for the Snort platform.

About

RemoveSpy is a tool designed for removal of malware and startup programs from Windows installations. The program itself is designed to run from a Linux startup disk, in order to bypass any existing malware.

About

The Powerful Protection for PC Against Viruses from Removable Drives

Shiela USB Shield is a powerful first line defense against virus from infected removable drives. * It locks autorun.inf and associate executable files in multiple instance * Delete/Freeze the shortcut file or clone file, and restores the original automatically. * It is free and open source. System Requirements 1) Windows 2000 or later 2) 256Mb RAM or higher 3) 1GHz Processor or faster 4) .NET Framework 2.0 or later must be installed

About

Spondulas is a browser emulator designed to retrieve web pages for hunti.

Spondulas is a browser emulator and parser designed to retrieve web pages for hunting malware. It supports the generation of browser user agents, GET/POST requests, and SOCKS5 proxy. It can be used to parse HTML files sent via e-mail. Monitor mode allows a website to be monitored at intervals to discover changes in DNS or content over time. Autolog mode creates an investigation file that documents redirection chains. The retrieved web pages are parsed for links and reported to an output file. 

About

Removes viruses, spyware, trojan, adware, rootkits, viruses, rogue programs, spam, phishing attacks, browser hijacking. It even has the power and technology to remove the latest dangerous threats, like Win32.Kido and Conficker (aka. Downadup)

About

TPMitigation is a transparent HTTP proxy for the mitigation of drive-by-malware. Content is converted on the fly and/or replaced where there is a risk of infection by embedded drive-by-malware. 

About

The ultimate anti-malware application for windows. This open source project includes real time protection as well as automatic updates and scanning/removing capabilities.

About

Protects from browser hijacker, malicious plug-ins, malware, and diffe.

Yet Another Cleaner is an all-in-one FREE professional tool to keep your PC safe, clean, and fast, removes harmful files from your PC, and repairing your operating system. Protects from browser hijacker, malicious plug-ins, malware, and different viruses. It can help you get rid of unwanted browser hijackers like Qvo6, delta, and V9, etc. Clear cache/browser history and boost slow computers. Just by ONE CLICK, Yet Another Cleaner will take any PC problems away. Key Features: Completely FREE, effective, robust, and highly reliable software that increases computing productivity by keeping PCs running smoothly and error-free. An All-In-One virus removal tool. It will keep your PC and browser safe, clean, and efficient with just ONE CLICK. Create and Protect your own default homepage Malware removal. It can detect and help you get rid of unwanted toolbars like dealply and webcake. Protects your PC.

About

The best browser in 2018

Surf the web, download files, and internet bypass restrictions. Chedot Editor's review Programming FromGuerrilla: A feature of our browser is a high speed on slow computers, high-speed download on a bad Internet, support Resume downloading files when the connection is broken and downloading in multiple threads, the ability to go on websites and download blocked videos from video sites. 

About

Antiexploit framework for home, business, or server use. Completely opensource, and free(as in free beer). Antibody doesn't use a signature database, instead it emulates the possible threat to find out whats really going on.

About

worlds first antimalware software which spreads like a malware.

VACCINE v1.0 Worlds first antimalware software which removes a specific set of viruses from the entire cyberspace.Unlike all the other antimalware software's vaccine is an opensource program,uses virus mode of spreading to accomplish the aim,is free of cost and doesnt affect the computer performance. Features: 1. usb disk security 2. automated virus/malware removal from usb drives 3. disinfection of specific types from the computer 4. restrictions removal. 5. complete protection from viruses spreaded via usb disks. 6. Works on all versions of windows (32/64).

About

A program that detects and blocks phishing, pharming, Hacker's C&C.

PhishBlock is a security program that detects and blocks Phishing, Pharming, Hacker’s C&C(Command and Control) Servers which are located in databases with URLs, DNS hostnames, and IP Addresses. This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses. Recently, most malware codes are delivered covertly to users’ personal computers through Google ads, SNS, Blogs, BBS and so on, which users visit often. And After the malware codes connect the C&C server(or Botnet), they attack, and steal information, repeatedly and persistently. Currently, there is a lack of affordable software to protect individuals personal computer’s from detecting and blocking these malware features. Generally, virus vaccine programs only detect and block files already existing inside a users’ personal computer. But PhishBlock detects and blocks harmful files at the network entrance of personal computers.

About

Capture newly created files in Windows filesystems

FileGrab is a tool that monitors a Windows filesystem for newly created files and copy those files to another location. It can be useful for honeypots, malware analysis, investigation scenarios and so on.

About

Windows Network Simulation tool for Malware Analysis

FakeNet is Windows network simulation tool designed for malware analysis. It redirects all traffic leaving a machine to the localhost (including hard-coded IP traffic and DNS traffic) and implements several protocols to ensure that malicious code continues to execute and can be observed by an analyst. The tool supports DNS, HTTP, and SSL protocols and provides a python extension interface for implementing new or custom protocols. It also the capability to listen for traffic to any port as well as create packet capture on the localhost. Right now the tool only supports WinXP Service Pack 3. The tool runs fine on Windows Vista/7 although certain features will be automatically disabled.