JPCERTCC / QuasarRAT-Analysis

Related projects ⓘ

Alternatives and complementary repositories for QuasarRAT-Analysis

• SIFalcon / Detection
  ☆21Updated last year
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• deepinstinct / DeMotet
  Unpacking and decryption tools for the Emotet malware
  ☆46Updated 2 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• fashionproof / RunHijackHunter
  ☆15Updated 3 years ago
• TarlogicSecurity / sepriv
  Tool to manage user privileges
  ☆28Updated 5 years ago
• snemes / malware-analysis
  ☆23Updated 4 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆48Updated last year
• jaamaal / Embed
  Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…
  ☆20Updated 3 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆30Updated 4 years ago
• PCsXcetra / DerbyCon-2019Files
  This is a group of tools that I was planning on releasing During Derbycon 2019 talk if it was accepted or with a blogpost if not.
  ☆43Updated 3 years ago
• panagioto / SyscallHide
  Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
  ☆74Updated 4 years ago
• w1u0u1 / smb2os
  Use smb2 protocol to detect remote computer os version, support win7/server2008-win10/server2019
  ☆59Updated 3 years ago
• NexusFuzzy / NanoDump
  Tool to decrypt the configuration of NanoCore and dump all used plugins
  ☆11Updated 3 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 4 years ago
• DamonMohammadbagher / ETWNetMonv3
  ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…
  ☆38Updated last year
• slyd0g / TimeStomper
  PoC that manipulates Windows file times using SetFileTime() API
  ☆55Updated 5 years ago
• blackarrowsec / malware-research
  Malware campaigns and APTs research by BlackArrow
  ☆18Updated 4 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆50Updated 2 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• vulnwarex / bin2sc
  Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
  ☆71Updated 3 years ago
• cedowens / Mythic-Macro-Generator
  Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens
  ☆44Updated 3 years ago
• NVISOsecurity / blogposts
  A repo to house files for our blogposts on blog.nviso.eu
  ☆65Updated 2 months ago
• johneiser / MalleableC2Parser
  A library to parse, modify, and implement Malleable C2 profiles
  ☆21Updated 5 years ago
• Apr4h / GetInjectedThreads
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆50Updated 3 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆21Updated this week
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago