DidierStevens / AdHoc

Related projects: ⓘ

• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆86Updated last year
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆37Updated last year
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆61Updated 2 years ago
• yoda66 / MalwareDevTalk
  ☆47Updated 4 years ago
• preludeorg / test
  ☆36Updated this week
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆59Updated 2 years ago
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆54Updated 8 months ago
• tuian / subTee-gits-backups
  subTee gists code backups
  ☆38Updated 6 years ago
• jsecurity101 / Detecting-Process-Injection-Techniques
  This is a repository that is meant to hold detections for various process injection techniques.
  ☆32Updated 4 years ago
• edygert / runsc
  runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…
  ☆34Updated last year
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆49Updated 4 months ago
• Mr-B0b / BloodCheck
  BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.
  ☆17Updated 3 years ago
• RiccardoAncarani / talks
  ☆41Updated 2 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆24Updated 4 years ago
• slaughterjames / excelpeek
  ☆37Updated 2 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆37Updated last year
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• deepinstinct / DeMotet
  Unpacking and decryption tools for the Emotet malware
  ☆46Updated 2 years ago
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆67Updated 3 years ago
• scythe-io / compound-actions
  ☆39Updated this week
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆27Updated 2 years ago
• fashionproof / RunHijackHunter
  ☆15Updated 3 years ago
• LOLDrivers-Project / LOLDrivers
  ☆35Updated this week
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆57Updated last year
• secdev-01 / AllTheThingsExec
  ☆130Updated this week
• airbus-cert / vbSparkle
  VBScript & VBA source-to-source deobfuscator with partial-evaluation
  ☆72Updated last month