Babyhamsta / Malcrow
A Malware Scarecrow for Windows 10/11 with a user-friendly touch.
☆55Updated 5 months ago
Alternatives and similar repositories for Malcrow:
Users that are interested in Malcrow are comparing it to the libraries listed below
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.☆45Updated 3 months ago
- ☆42Updated 2 months ago
- Assortment of scripts and tools for our Blackhat EU 2024 talk☆89Updated 2 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆51Updated 4 months ago
- Repository that contains a set of purposefully erroneous Yara rules.☆51Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆63Updated 2 weeks ago
- ☆23Updated 2 months ago
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding …☆28Updated 5 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆78Updated 7 months ago
- Linux #rootkit and #malware revealer☆24Updated 8 months ago
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports☆109Updated this week
- Baseline a Windows System against LOLBAS☆26Updated 11 months ago
- A collection of small scripts and tools for deobfuscation and malware analysis.☆66Updated 2 years ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆136Updated 2 months ago
- Configuration Extractors for Malware☆97Updated last week
- Framework for Monitoring File Ingestion Source for Yara Matches☆46Updated last month
- Convert Sigma rules to SIEM queries, directly in your browser.☆74Updated last week
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 2 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆62Updated this week
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 2 months ago
- A simple tool designed to create Atomic Red Team tests with ease.☆39Updated last month
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆124Updated 10 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆149Updated 7 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999☆14Updated this week
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn…☆32Updated 8 months ago
- ☆37Updated last year
- Cheat sheet to detect and remove linux kernel rootkit☆55Updated 4 months ago
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Respons…☆54Updated 6 months ago
- Rules shared by the community from 100 Days of YARA 2025☆32Updated 2 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated 9 months ago