BorjaMerino / DoublePulsar-Volatility
Volatility plugin to help identify DoublePulsar implant by listing the array of pointers SrvTransaction2DispatchTable from the srv.sys driver.
☆16Updated 7 years ago
Alternatives and similar repositories for DoublePulsar-Volatility:
Users that are interested in DoublePulsar-Volatility are comparing it to the libraries listed below
- Simple DDE object detector☆56Updated 7 years ago
- WhiteBox CMS analysis☆69Updated last year
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- An offensive Powershell console☆30Updated 9 years ago
- PHDAYS |||☆17Updated 11 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- PowerShell Empire docker build☆23Updated 8 years ago
- A tool to catch spoofed NBNS responses.☆50Updated 6 years ago
- Development guide for Volatility Plugins☆23Updated 7 years ago
- Spray SMB with hashes, Then psexec☆32Updated 5 years ago
- This tool will extract useful information from the McAfee update SiteList file and decrypt the associated password for each entry.☆26Updated 7 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆49Updated 6 years ago
- McAfee ePolicy 0wner exploit code☆46Updated 6 years ago
- Material from our CANAPE workshop☆32Updated 6 years ago
- Issues to consider when planning a red team exercise.☆15Updated 7 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Talk given at DerbyCon and RuxCon 2016☆22Updated 8 years ago
- Automated Exploit Toolkit for CVE-2015-6095 and CVE-2016-0049☆50Updated 7 years ago
- A ready to deploy docker container for a fresh sandbox for on-the-fly malware analysis☆43Updated 7 years ago
- My IDA scripts, tips and testing techniques for Thick Client applications.☆17Updated 10 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching☆33Updated 8 years ago
- Parses Java Cache IDX files☆39Updated 7 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Collection of my Python Scripts☆41Updated 4 years ago
- Parse nmap's XML output files and insert them into an SQLite database☆29Updated 7 years ago
- put this here because archival reasons.☆28Updated 7 years ago
- A vulnerability reporting database to help pentesters write consistent, easy reports.☆9Updated 9 years ago
- Kerberom is a tool aimed to retrieve ARC4-HMAC'ed encrypted Tickets Granting Service (TGS) of accounts having a Service Principal Name (S…☆36Updated 6 years ago