DissectMalware / yaradbg-frontend
☆39Updated last year
Alternatives and similar repositories for yaradbg-frontend:
Users that are interested in yaradbg-frontend are comparing it to the libraries listed below
- ☆25Updated last year
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 2 months ago
- ☆27Updated 4 months ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆40Updated 7 months ago
- a tiny program to consume from ETW providers for research☆47Updated 3 months ago
- Repo containing my public talks☆23Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆37Updated 3 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆44Updated 2 years ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆15Updated 3 months ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated last year
- Malware Analysis tools☆26Updated 7 months ago
- IDA Python scripts☆35Updated 2 weeks ago
- General malware analysis stuff☆36Updated 7 months ago
- ☆48Updated last year
- Golang bindings for PE-sieve☆43Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- ☆20Updated last year
- quASAR: ASAR manipulation made easy☆37Updated 2 years ago
- Cheat sheet to detect and remove linux kernel rootkit☆55Updated 4 months ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- ☆22Updated last year
- Powershell Linter☆50Updated 3 weeks ago
- Identifies metadata of .NET binary files.☆21Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆116Updated 9 months ago
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆52Updated 3 months ago
- ☆52Updated 6 months ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated 11 months ago
- Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…☆49Updated last year
- rpv-web is a browser based frontend for the rpv library☆24Updated 2 weeks ago
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding …☆28Updated 5 months ago