Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!
☆82 Jun 28, 2023 Updated 2 years ago
Alternatives and similar repositories for dynmx
Users that are interested in dynmx are comparing it to the libraries listed below.
- Indicators of compromise from to analysis and research by Nextron Threat Research team ☆12 Sep 17, 2025 Updated 6 months ago
- Memory Scanner ☆65 Sep 9, 2022 Updated 3 years ago
- Placeholder for my detection repo and misc detection engineering content ☆42 Oct 20, 2023 Updated 2 years ago
- Conceptual Methods for Finding Commonalities in Macho Files ☆12 Mar 21, 2024 Updated 2 years ago
- ☆33 Feb 26, 2022 Updated 4 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck ☆132 Nov 25, 2023 Updated 2 years ago
- Imphash-like calculation on Golang binaries ☆49 Jul 2, 2022 Updated 3 years ago
- Repo containing my public talks ☆23 May 30, 2023 Updated 2 years ago
- A Golang Discord C2 unlike any other. DCVC2 uses RTP packets over a voice channel to transmit all data leaving no operational traces in t… ☆131 Nov 5, 2024 Updated last year
- Manage attack surface data on Elasticsearch ☆25 Nov 20, 2023 Updated 2 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆60 Dec 15, 2023 Updated 2 years ago
- MacroExploit use in excel sheet ☆20 Jun 12, 2023 Updated 2 years ago
- Reasonably undetected shellcode stager and executor. ☆35 May 23, 2025 Updated 10 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆148 Dec 16, 2023 Updated 2 years ago
- A post-processing script for TinyTracer ☆39 Mar 22, 2023 Updated 3 years ago
- Only for educational purposes ☆12 Jun 17, 2023 Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis ☆12 Oct 1, 2022 Updated 3 years ago
- Extract data of TTD trace file to a minidump ☆30 Jul 31, 2023 Updated 2 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts ☆129 Dec 23, 2025 Updated 3 months ago
- ☆15 Sep 26, 2022 Updated 3 years ago
- Rapidly Search and Hunt through Linux Forensics Artifacts ☆202 Mar 9, 2026 Updated 2 weeks ago
- PowerShell script to help speed up threat hunting incident response processes ☆43 Feb 3, 2024 Updated 2 years ago
- Mass Assigner is a simple tool made to probe for mass assignment vulnerability through JSON field modification in HTTP requests ☆17 Jun 22, 2024 Updated last year
- Cmdlets for capturing Windows Events ☆14 Mar 11, 2022 Updated 4 years ago
- The book and code repo for the FREE Fundamental C++ book by Kevin Thomas. ☆20 Nov 26, 2025 Updated 3 months ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … ☆17 Oct 8, 2016 Updated 9 years ago
- ☆23 Dec 15, 2022 Updated 3 years ago
- Indicators of Normality ☆11 Jul 22, 2022 Updated 3 years ago
- A dynamic unpacking tool ☆149 Sep 17, 2023 Updated 2 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle ☆233 Feb 13, 2024 Updated 2 years ago
- Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the … ☆357 Mar 16, 2026 Updated last week
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆28 Apr 22, 2023 Updated 2 years ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations ☆102 Aug 15, 2025 Updated 7 months ago
- ☆17 Nov 13, 2024 Updated last year
- Scripts and lists to help generate YARA friendly string mutations ☆22 Apr 9, 2023 Updated 2 years ago
- ☆23 Nov 29, 2023 Updated 2 years ago
- ☆13 Nov 10, 2020 Updated 5 years ago
- Small tool to play with IOCs caused by Imageload events ☆44 May 14, 2023 Updated 2 years ago
- Searching .evtx logs for remote connections ☆24 Jul 6, 2023 Updated 2 years ago