Runpe In Memory - Run an Exe file (PE module) in memory (like an application loader)
Stars: ✭ 249 (+196.43%)
Apt - APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )
Stars: ✭ 83 (-1.19%)
Al Khaser - Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Stars: ✭ 3,573 (+4153.57%)
Threat Intel - Archive of publicly available threat intel reports (mostly APT reports but not limited to).
Stars: ✭ 252 (+200%)
Mquery - YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+214.29%)
polio - Research on polio / protein folding.
Stars: ✭ 13 (-84.52%)
Simpleator - Simpleator ("Simple-ator") is an innovative Windows-centric x64 user-mode application emulator that leverages several new features that were added in Windows 10 Spring Update (1803), also called "Redstone 4", with additional improvements that were made in Windows 10 October Update (1809), aka "Redstone 5".
Stars: ✭ 260 (+209.52%)
Malware Samples - Malware samples, analysis exercises and other interesting resources.
Stars: ✭ 241 (+186.9%)
TeleShadow2 - TeleShadow - Telegram Desktop Session Stealer (Windows)
Stars: ✭ 88 (+4.76%)
Yobi - YARA-based detection engine for web browsers
Stars: ✭ 39 (-53.57%)
mkpoly - A simple polymorphic engine
Stars: ✭ 28 (-66.67%)
freki - 🐺 Malware analysis platform
Stars: ✭ 327 (+289.29%)
stoomboot - An x86 real mode multiboot-ish ELF bootloader
Stars: ✭ 19 (-77.38%)
KeyPlexer - Capstone: Keylogger Trojan
Stars: ✭ 32 (-61.9%)
Threat Hunting - Personal compilation of APT malware from whitepaper releases, documents and own research
Stars: ✭ 219 (+160.71%)
VBoxCloak - A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox VMs from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)
Stars: ✭ 49 (-41.67%)
qt-rat - Remote administration tool with Qt5
Stars: ✭ 37 (-55.95%)
AutoIt-Ripper - Extract AutoIt scripts embedded in PE binaries
Stars: ✭ 101 (+20.24%)
Memtriage - Allows you to quickly query a Windows machine for RAM artifacts
Stars: ✭ 200 (+138.1%)
MalScan - A simple PE file heuristics scanner
Stars: ✭ 41 (-51.19%)
mitre-visualizer - 🧬 MITRE interactive network graph (APTs, malware, tools, techniques & tactics)
Stars: ✭ 49 (-41.67%)
Qiling - Qiling Advanced Binary Emulation Framework
Stars: ✭ 2,816 (+3252.38%)
fake-sandbox - 👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
Stars: ✭ 110 (+30.95%)
dcc - Direct/Interactive C Compiler
Stars: ✭ 18 (-78.57%)
Vital - Malware for Discord, designed to steal passwords, tokens, and inject Discord folders for long-term use.
Stars: ✭ 50 (-40.48%)
Unified Hosts Autoupdate - Quickly and easily install, uninstall, and set up automatic updates for any of Steven Black's unified hosts files.
Stars: ✭ 185 (+120.24%)
apooxml - Generate YARA rules for OOXML documents.
Stars: ✭ 34 (-59.52%)
dirt - x86 assembler in Scheme
Stars: ✭ 27 (-67.86%)
Lisa - Sandbox for automated Linux malware analysis.
Stars: ✭ 177 (+110.71%)
Father - LD_PRELOAD rootkit
Stars: ✭ 59 (-29.76%)
go-coronanet - Go implementation of the Corona Network
Stars: ✭ 35 (-58.33%)
Anteater - Anteater - CI/CD Gate Check Framework
Stars: ✭ 174 (+107.14%)
Teleshadow3 - Telegram Desktop Session Stealer
Stars: ✭ 83 (-1.19%)
Reverse-Engineering - A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Stars: ✭ 7,234 (+8511.9%)
Misp Taxonomies - Taxonomies used in the MISP taxonomy system; they can also be used by other information-sharing tools.
Stars: ✭ 168 (+100%)
LOLBAS222 - APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )
Stars: ✭ 100 (+19.05%)
sarlacc - SMTP server / sinkhole for collecting spam
Stars: ✭ 42 (-50%)
Android Disassembler - Disassemble ANY files, including .so (NDK, JNI), Windows PE (EXE, DLL, SYS, etc.), Linux binaries, libraries, and any other files such as pictures, audio, etc. (for fun), on Android. Capstone-based disassembler application on Android. Android NDK shared libraries, Windows binaries, etc. reversing app.
Stars: ✭ 250 (+197.62%)
Ddoor - DDoor - cross-platform backdoor using DNS TXT records
Stars: ✭ 168 (+100%)
Cave miner - Search for code caves in all binaries
Stars: ✭ 218 (+159.52%)
aurora - Malware similarity platform with modularity in mind.
Stars: ✭ 70 (-16.67%)
Chain Reactor - Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Stars: ✭ 206 (+145.24%)
Flare Floss - FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Stars: ✭ 2,020 (+2304.76%)
Lief - Authors
Stars: ✭ 2,730 (+3150%)
CEH - Exam prep for the EC-Council Certified Ethical Hacker 312-50
Stars: ✭ 71 (-15.48%)
Binsnitch - Detect silent (unwanted) changes to files on your system
Stars: ✭ 144 (+71.43%)
malice-av - Malice AntiVirus plugins
Stars: ✭ 98 (+16.67%)
pax-utils - [MIRROR] ELF-related utils for ELF 32/64 binaries that can check files for security-relevant properties
Stars: ✭ 58 (-30.95%)
goelftools - Library for parsing ELF files written in pure Go.
Stars: ✭ 26 (-69.05%)
rkorova - ld_preload userland rootkit
Stars: ✭ 34 (-59.52%)
Defeat-Defender-V1.2 - Powerful batch script to dismantle complete Windows Defender protection and even bypass tamper protection. Disable Windows Defender permanently. Hack Windows. POC
Stars: ✭ 885 (+953.57%)
Php Malware Analysis - Deobfuscation and analysis of PHP malware captured by a WordPress honeypot
Stars: ✭ 82 (-2.38%)