A repository to store community malware research notes and findings.
☆15Feb 13, 2026Updated 2 weeks ago
Alternatives and similar repositories for community-malware-research
Users that are interested in community-malware-research are comparing it to the libraries listed below
Sorting:
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Feb 11, 2026Updated 3 weeks ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Defender Resource Hub☆30Feb 23, 2026Updated last week
- USN Journal full path builder☆65Sep 16, 2024Updated last year
- Information about the open-source-dfir slack community☆30Jun 17, 2023Updated 2 years ago
- Chrome Logs Events and Protobuf Parser☆39Dec 13, 2022Updated 3 years ago
- macOS Artifacts☆33Mar 2, 2025Updated last year
- Microsoft Sentinel related content☆38Jan 22, 2025Updated last year
- ThingFinder is a tool designed to facilitate searching and analysing code, whether it's source code or compiled binary executables. It pr…☆40Jun 16, 2024Updated last year
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- ☆12Apr 1, 2023Updated 2 years ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- Lazy SPL to detect Spring4Shell exploitation☆12Jul 8, 2022Updated 3 years ago
- ☆16Jul 8, 2024Updated last year
- ☆38Aug 27, 2021Updated 4 years ago
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆77Feb 10, 2026Updated 3 weeks ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- A package that get baseball data☆13Feb 24, 2025Updated last year
- Knowledge base for reverse engineering and malware analysis☆15Jan 11, 2026Updated last month
- ADE: automates Active Directory enumeration for labs (Hack The Box, Hack Smarter, TryHackMe, Proving Grounds) and exam prep (OSCP, CPTS).☆28Jan 19, 2026Updated last month
- AWS Live Response☆11Sep 19, 2017Updated 8 years ago
- Training materials I've written.☆11Nov 11, 2025Updated 3 months ago
- Network scanning tool designed to detect and report changes in open ports and services over time☆13Oct 16, 2025Updated 4 months ago
- NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)☆13Jun 6, 2023Updated 2 years ago
- Windows Shell Link (LNK) Proof of Concept☆16Jul 19, 2025Updated 7 months ago
- Python script to run battery of Volatility plugins against a forensic memory image☆10Jun 22, 2019Updated 6 years ago
- All my POC related to malware development☆15Feb 19, 2026Updated 2 weeks ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV…☆10Jul 15, 2023Updated 2 years ago
- 📜 Scrape targeted wordlists for password cracking using CSS selectors☆44Dec 18, 2025Updated 2 months ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK.☆12Jun 24, 2021Updated 4 years ago
- Save as PDF addon for Firefox and Google Chrome☆15Jun 12, 2025Updated 8 months ago
- ☆10Aug 11, 2025Updated 6 months ago
- My Linux profiles built for Volatility 2/3☆10Oct 11, 2025Updated 4 months ago
- Source Code for 'Cryptography and Cryptanalysis in MATLAB' by Marius Iulian Mihailescu and Stefania Loredana Nita☆14Sep 14, 2021Updated 4 years ago
- OSINT Graph Investigation Application☆32Dec 11, 2025Updated 2 months ago
- LLM supported Toolkit for Blue Team/ SOC Operations☆46Jan 10, 2026Updated last month
- [PHP][Python] Root Exploiter – No Back-Connect☆10Aug 27, 2021Updated 4 years ago
- Splunk Searches and Dashboards for DNS Threat Hunting☆10Mar 5, 2018Updated 8 years ago