JanielDary / ELFieScannerLinks
A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
☆83Updated last year
Alternatives and similar repositories for ELFieScanner
Users that are interested in ELFieScanner are comparing it to the libraries listed below
Sorting:
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool☆53Updated 5 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆60Updated 5 months ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆98Updated last year
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆109Updated last month
- ☆52Updated 7 months ago
- Malware Analysis tools☆26Updated 8 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆41Updated 5 months ago
- ☆68Updated 4 months ago
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆60Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆99Updated 3 weeks ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆42Updated last year
- CVE-2024-30090 - LPE PoC☆107Updated 7 months ago
- ☆100Updated 6 months ago
- IDA Python scripts☆36Updated last month
- Proof-of-Concept for CVE-2024-26218☆51Updated last year
- ☆18Updated 2 weeks ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆115Updated 10 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆62Updated last month
- ☆46Updated 2 months ago
- Rust Linux Kernel Module designed for LKM rootkit detection☆45Updated 2 months ago
- Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's …☆29Updated this week
- ☆106Updated 7 months ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆37Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆127Updated last year
- Vibe Malware Triage - MCP server for static PE analysis.☆47Updated 2 weeks ago
- ☆39Updated last year
- ☆119Updated last year
- The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.☆61Updated last year