BinaryDefense/IcedDecrypt external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

BinaryDefense/IcedDecrypt

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/BinaryDefense/IcedDecrypt)

Close

BinaryDefense / IcedDecryptView on GitHubMore

• External links
• Readme badge

IcedID Decryption Tool

☆28May 7, 2021Updated 4 years ago

Alternatives and similar repositories for IcedDecrypt

Users that are interested in IcedDecrypt are comparing it to the libraries listed below

• trustedsec / RisingSun

  View on GitHub
  RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.
  ☆10Jan 14, 2021Updated 5 years ago
• threatsimgpt-AI / ThreatSimGPT

  View on GitHub
  ☆537Feb 19, 2026Updated last week
• mandiant / apooxml

  View on GitHub
  Generate YARA rules for OOXML documents.
  ☆38Jun 1, 2023Updated 2 years ago
• elceef / yara-rulz

  View on GitHub
  Collection of generic YARA rules
  ☆16Aug 17, 2025Updated 6 months ago
• jhsmith / flareon

  View on GitHub
  Random stuff for FlareOn
  ☆14Oct 6, 2018Updated 7 years ago
• pr0xylife / Bumblebee

  View on GitHub
  ☆15Oct 3, 2024Updated last year
• kirk-sayre-work / box-js

  View on GitHub
  A tool for studying JavaScript malware.
  ☆15Updated this week
• Fmk0 / work

  View on GitHub
  Links or additional data to some researches
  ☆14May 24, 2019Updated 6 years ago
• k-vitali / cryptomix-clop-ransomware

  View on GitHub
  ☆15Jun 5, 2019Updated 6 years ago
• PwCUK-CTO / SANSCTISummit2021-xStart

  View on GitHub
  Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
  ☆14Jul 12, 2021Updated 4 years ago
• Silv3rHorn / 4n6_misc

  View on GitHub
  Miscellaneous Scripts
  ☆17Sep 11, 2020Updated 5 years ago
• tbarabosch / apihash_to_yara

  View on GitHub
  Generates YARA rules to detect malware using API hashing
  ☆17Mar 16, 2021Updated 4 years ago
• chrisjd20 / cve-2017-9805.py

  View on GitHub
  Better Exploit Code For CVE 2017 9805 apache struts
  ☆20Dec 23, 2017Updated 8 years ago
• rmdavy / redtest

  View on GitHub
  ☆15Oct 24, 2018Updated 7 years ago
• hasherezade / tag_converter

  View on GitHub
  ☆23Feb 3, 2021Updated 5 years ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated last year
• d0c-s4vage / narly

  View on GitHub
  Automatically exported from code.google.com/p/narly
  ☆24Jul 11, 2021Updated 4 years ago
• kost / nanomet

  View on GitHub
  Nano meterpreter shell based on TinyMet
  ☆28Aug 27, 2016Updated 9 years ago
• tagnullde / Exploit-Development

  View on GitHub
  My collection of self-written exploits
  ☆24Mar 25, 2022Updated 3 years ago
• sagishahar-zz / scripts

  View on GitHub
  miscellaneous stuff
  ☆21Mar 31, 2015Updated 10 years ago
• cylance / MarkovObfuscate

  View on GitHub
  Use Markov Chains to obfuscate data as other data
  ☆54Aug 3, 2016Updated 9 years ago
• volexity / hwp-extract

  View on GitHub
  A library and cli tool to extract HWP files.
  ☆30Dec 1, 2025Updated 2 months ago
• d00rt / emotet_network_protocol

  View on GitHub
  ☆83Jan 31, 2020Updated 6 years ago
• dtmsecurity / 3aj-lib

  View on GitHub
  Proof of concept communications from C# via a web browser process
  ☆21Feb 15, 2019Updated 7 years ago
• FarghlyMal / Config-Extractors

  View on GitHub
  ☆27Nov 26, 2024Updated last year
• rmdavy / AmsiPEBWalkVBA

  View on GitHub
  Walking the PEB in VBA
  ☆24Apr 6, 2020Updated 5 years ago
• bridgeythegeek / editbox

  View on GitHub
  EditBox is a plugin for the Volatility Framework. It extracts the text from Windows Edit controls, that is, textboxes as generated by Win…
  ☆24Jun 4, 2017Updated 8 years ago
• g-les / 100DaysofYARA

  View on GitHub
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆60Jan 18, 2023Updated 3 years ago
• sisoma2 / malware_analysis

  View on GitHub
  Scripts, Yara rules and other files developed during malware investigations
  ☆27Aug 19, 2022Updated 3 years ago
• lucanag / emotet

  View on GitHub
  ☆10Sep 11, 2021Updated 4 years ago
• immortalp0ny / yarg

  View on GitHub
  Yet another rule generator for Yara
  ☆29Jun 6, 2025Updated 8 months ago
• williballenthin / python-sdb

  View on GitHub
  Pure Python parser for Application Compatibility Shim Databases (.sdb files)
  ☆110Jan 26, 2021Updated 5 years ago
• Dump-GUY / Get-UnJlaive

  View on GitHub
  Get-UnJlaive is tool which is able to reconstruct Jlaive (.NET Antivirus Evasion Tool (Exe2Bat)) to original Assembly and stub Assembly.
  ☆22May 19, 2022Updated 3 years ago
• ThisIsLibra / m3

  View on GitHub
  A simple and scalable Android bot emulation framework, as presented at Black Hat Europe 2021's Arsenal, as well as atHack 2021's Arsenal
  ☆28Nov 8, 2021Updated 4 years ago
• f0wl / blackCatConf

  View on GitHub
  Configuration Extractor for BlackCat Ransomware
  ☆31Mar 18, 2022Updated 3 years ago
• mlodic / ursnif_beacon_decryptor

  View on GitHub
  Ursnif beacon decryptor
  ☆27Mar 20, 2023Updated 2 years ago
• avast / yls

  View on GitHub
  YARA Language Server
  ☆74Feb 3, 2026Updated 3 weeks ago
• realparisi / WMI_Monitor

  View on GitHub
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Feb 28, 2018Updated 8 years ago
• mxmssh / netafl

  View on GitHub
  winAFL patch to enable network-based apps fuzzing
  ☆37Sep 14, 2018Updated 7 years ago