DissectMalware / batch_deobfuscator

Related projects ⓘ

Alternatives and complementary repositories for batch_deobfuscator

• d4rksystem / VBoxCloak
  A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …
  ☆277Updated last year
• d4rksystem / VMwareCloak
  A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…
  ☆278Updated 8 months ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆196Updated 2 years ago
• nazywam / AutoIt-Ripper
  Extract AutoIt scripts embedded in PE binaries
  ☆173Updated 3 months ago
• Karneades / malware-persistence
  Collection of malware persistence and hunting information. Be a persistent persistence hunter!
  ☆164Updated 2 months ago
• NtRaiseHardError / Antimalware-Research
  Research on Anti-malware and other related security solutions
  ☆256Updated 4 years ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆141Updated 9 months ago
• hasherezade / funky_malware_formats
  Parsers for custom malware formats ("Funky malware formats")
  ☆92Updated 2 years ago
• fr0gger / unprotect
  Unprotect is a python tool for parsing PE malware and extract evasion techniques.
  ☆111Updated last year
• hasherezade / persistence_demos
  Demos of various (also non standard) persistence methods used by malware
  ☆219Updated last year
• poona / APIMiner
  API Logger for Windows Executables
  ☆77Updated 4 years ago
• advanced-threat-research / DotDumper
  An automatic unpacker and logger for DotNet Framework targeting files
  ☆248Updated last year
• josh0xA / threadfire
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆173Updated 3 months ago
• dalvarezperez / CreateFile_based_rootkit
  ☆132Updated last year
• mandiant / dncil
  The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.
  ☆158Updated last week
• albertzsigovits / malware-writeups
  Personal research and publication on malware families
  ☆137Updated 2 years ago
• OALabs / Lab-Notes
  Code snips and notes
  ☆131Updated 2 years ago
• hasherezade / mal_unpack
  Dynamic unpacker based on PE-sieve
  ☆657Updated 8 months ago
• t3rabyt3-zz / Gozi
  Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.
  ☆63Updated 6 years ago
• Unprotect-Project / Unprotect_Submission
  Repository to publish your evasion techniques and contribute to the project
  ☆134Updated 3 weeks ago
• c3rb3ru5d3d53c / mwcfg-modules
  Malware Configuration Extraction Modules
  ☆47Updated 11 months ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆217Updated last year
• am0nsec / vx
  Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
  ☆177Updated 2 years ago
• hfiref0x / WDExtract
  Extract Windows Defender database from vdm files and unpack it
  ☆425Updated 4 years ago
• hasherezade / module_overloading
  A more stealthy variant of "DLL hollowing"
  ☆337Updated 8 months ago
• PELock / Simple-Polymorphic-Engine-SPE32
  Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used …
  ☆137Updated last year
• D4stiny / PeaceMaker
  PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.
  ☆416Updated 4 years ago
• am0nsec / wspe
  Windows System Programming Experiments
  ☆216Updated 2 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆61Updated 3 years ago