A personal vault of resources, experiments, case studies, insights and lil madness into the world of malware analysis and reverse engineering.
MA & RE Madness is a curated, evolving collection of everything I explore in the fields of:
- Malware Analysis
- Reverse Engineering
- Static & Dynamic Binary Inspection
- Behavioral Analysis
- Disassembly / Debugging
- Tool Configs & Custom Scripts
This isn't a project; it's a reference lab, a playground, and a documentation trail for my learning and experiments.
How-To-Survive-MARE/
├── notes/ → My MARE Notes (University Course Notes)
├── homelabs/ → HomeLabs Setup & Installations (MUST)
├── static-analysis/ → Notes, tools, and case studies (strings, PE headers, disasm)
├── dynamic-analysis/ → Execution tracing, sandbox logs, API hooking
├── reverse-engineering/ → CrackMes, patching trials, function analysis
├── samples/ → (Redacted) hashes or safe test binaries
├── tools/ → Scripts, configs, automation helpers
├── investigations/ → Full investigations & malware flow deconstruction
├── resources/ → PDFs, Books, Documents, Papers, Pages, News Related to Malware Analysis & Reverse Engineering
└── README.md
Most folders contain README.md or markdown logs with detailed notes per activity or experiment.
- Use it as a reference guide if you're studying MARE
- Browse case studies to learn real-world malware techniques
- Reuse scripts, automation snippets, or tool configs
- Keep track of your own learnings by forking/cloning this as a base repo
You're free to build your own battle arsenal, but here's what works best for me:
- OS: Windows FLARE VM / Linux (Kali or Ubuntu), REMnux
- Isolation: VirtualBox / VMware with snapshots (Mostly VMware)
- Tools:
  - Python for scripting
  - Ghidra / IDA Free
  - x64dbg / OllyDbg
  - PEStudio, ProcMon, Wireshark
  - noVNC / sandbox for browser malware
  - A lot more, etc.
- @_JohnHammond
- @MalwareAnalysisForHedgehogs
- @OALABS
- @huskyhacks
- @jstrosch
- @c3rb3ru5d3d53c
- @lauriewired
- @HackerSploit
- Practical Malware Analysis (NoStarch Book)
- TCM - Practical Malware Analysis & Triage
- Windows Malware Analysis for Beginners - Udemy
- Malware Unicorn RE101 Workshop
- TheZoo
- Malwarebytes Glossary
- SentinelOne Cybersecurity Blog
- G Data Malware Blog
- Rick's GitHub Security Notes
- malware-analysis-resources
- Malware, IR - Tools & Resources (Google Drive Link, Google Dorked, Open-source Content, Be Cautious)
- Microsoft Learn: Windows Internals
- Microsoft Developer Blog - Old New Thing
- Microsoft API Archives (Usenet)
- Practical Security Analytics
- Astra Security Blog
- Safety Detectives Security Blog
- Kaspersky Cyber Threat Map
- VX-Underground
- Malware Bazaar by Abuse.ch
- TheZoo Malware Repository (ytisf)
- GitHub Malware Samples
- Malware Traffic Analysis
- Hybrid Analysis
Educational Use Only.
Any samples, websites, or links (if referenced) are strictly for educational purposes. Always analyze inside air-gapped, isolated environments, or use only for ethical purposes. Never execute unknown binaries on your host machine, infect other systems, or use them with any malicious intent; this will be a very dangerous, illegal and highly punishable offense.
This repo grows organically, as I learn, break things, and document.
No fixed roadmap.
"To understand the enemy, you must become the enemy." - Sun Tzu, The Art of War