DissectMalware / batch_deobfuscator
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
☆145Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for batch_deobfuscator
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆279Updated last year
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆280Updated 8 months ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆165Updated 2 months ago
- Demos of various (also non standard) persistence methods used by malware☆219Updated last year
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆196Updated 2 years ago
- Personal research and publication on malware families☆137Updated 2 years ago
- Research on Anti-malware and other related security solutions☆257Updated 4 years ago
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆111Updated last year
- The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…☆329Updated this week
- Extract AutoIt scripts embedded in PE binaries☆175Updated 4 months ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆448Updated 3 years ago
- ☆131Updated last year
- API Logger for Windows Executables☆77Updated 4 years ago
- PoC Thread Execution Hijacking for Win32 Code Injection☆173Updated 3 months ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆124Updated last year
- Creates a .lnk file with unicode chars that reverse the file extension and adds a .txt to the end to make it appear as a textfile. Paylo…☆111Updated 3 years ago
- Parsers for custom malware formats ("Funky malware formats")☆92Updated 2 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆178Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files☆249Updated last year
- Malware Configuration Extraction Modules☆47Updated last year
- Executable that mutates its own code☆369Updated last year
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆417Updated 4 years ago
- ☆213Updated 6 years ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆63Updated 6 years ago
- Killing your preferred antimalware by abusing native symbolic links and NT paths.☆351Updated 2 years ago
- Managed assembly shellcode generation☆264Updated 3 years ago
- Batch script to compile a binary shellcode blob into an exe file☆81Updated 5 years ago
- Open Source C++ Crypter. AES-256 Bit Encryption, Virtual Machine Detection and Almost FUD☆131Updated 3 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆386Updated 4 months ago