3xp0rt / LockBit-Tattoo

Related projects: ⓘ

• SleepTheGod / Windows-Atom-Table-Hijacking
  A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t…
  ☆25Updated this week
• f0wl / blackCatConf
  Configuration Extractor for BlackCat Ransomware
  ☆30Updated 2 years ago
• IntelBroker / Endurance-Wiper
  a small wiper malware programmed in c#
  ☆43Updated last year
• mgrube / recon_22
  ☆10Updated 2 years ago
• cyberark / malware-research
  ☆33Updated last year
• embee-research / IcedID
  Static Decryptor for IcedID Malware
  ☆18Updated last year
• nyxgeek / dirdevil
  hiding in plain sight: part 2
  ☆40Updated 2 months ago
• FarghlyMal / Config-Extractors
  ☆26Updated last month
• reveng007 / DareDevil
  Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10
  ☆37Updated last year
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆51Updated 2 weeks ago
• ItsCyberAli / EncryptedReaper
  ☆42Updated this week
• dr4k0nia / Greenline
  Unpacker and Config Extractor for managed Redline Stealer payloads
  ☆36Updated last year
• CronUp / EnAnalisis
  ☆37Updated 2 weeks ago
• MitchHS / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆65Updated last year
• 0x4427 / Defanger
  Defanger is a Notepad++ plugin that defangs/refangs malicious IOCs.
  ☆23Updated last year
• cocomelonc / 2022-07-21-malware-tricks-22
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆17Updated 2 years ago
• RussianPanda95 / IDAPython
  IDA Python scripts
  ☆26Updated 8 months ago
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆43Updated last year
• NotokDay / NTProcessInjector
  Process injection via native Windows APIs (NTAPIs)
  ☆15Updated 8 months ago
• NexusFuzzy / redline_config
  Tool to retrieve Config from Redline C2 servers
  ☆16Updated last year
• rara64 / GetTrustedInstaller
  Make an executable run with TrustedInstaller permissions under SYSTEM account.
  ☆38Updated 3 years ago
• hackerhouse-opensource / AESCrypt
  AES-256 Microsoft Cryptography API Example Use.
  ☆29Updated 10 months ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆77Updated 7 months ago
• hwvs / Invoke-GPTObfuscation
  Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…
  ☆48Updated 9 months ago
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated last year
• whokilleddb / injection-for-dummies
  A collection of PoCs for different injection techniques on Windows!
  ☆41Updated last year
• 0xEr3bus / ShadowForgeC2
  ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.
  ☆41Updated last year
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆47Updated 2 years ago
• 0x0v1 / MalwareRETools
  A repo containing some tooling build to assist with reverse engineering malware samples
  ☆15Updated last year
• 0xNinjaCyclone / IATUnhooker
  IAT Unhooking proof-of-concept
  ☆26Updated 5 months ago