Collection of malware persistence and hunting information. Be a persistent persistence hunter!
☆185 · Oct 3, 2025 · Updated 5 months ago
Alternatives and similar repositories for malware-persistence
- Import AbuseCH IOC Feeds into MISP · ☆12 · Feb 17, 2021 · Updated 5 years ago
- A curated list of awesome malware persistence tools and resources. · ☆274 · Oct 3, 2025 · Updated 5 months ago
- PowerGRR is an API client library in PowerShell, working on Windows, Linux and macOS, for GRR automation and scripting. · ☆58 · Mar 18, 2022 · Updated 3 years ago
- Various methods of executing shellcode · ☆74 · Mar 27, 2023 · Updated 2 years ago
- Cybersecurity Incidents Mind Maps · ☆34 · Sep 29, 2021 · Updated 4 years ago
- Defensomania is a security monitoring and incident response card game. · ☆65 · May 24, 2023 · Updated 2 years ago
- A variety of process injection techniques implemented in C++ · ☆26 · May 2, 2021 · Updated 4 years ago
- Digital Forensics artifact repository · ☆1,210 · Feb 11, 2026 · Updated 3 weeks ago
- Vagrant files to create a VirtualBox VM for malware analysis · ☆13 · Jun 1, 2021 · Updated 4 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research · ☆266 · Feb 7, 2019 · Updated 7 years ago
- macOS triage is a Python script to collect various macOS logs, artifacts, and other data. · ☆25 · Mar 25, 2021 · Updated 4 years ago
- A repository hosting example goodware EVTX logs containing sample software installation and basic user interaction · ☆87 · Dec 17, 2025 · Updated 2 months ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases. · ☆612 · Dec 8, 2025 · Updated 3 months ago
- A PowerShell incident response framework · ☆1,639 · Nov 22, 2022 · Updated 3 years ago
- Defanged Indicator of Compromise (IOC) Extractor. · ☆569 · Aug 28, 2024 · Updated last year
- Collection of Event ID resources useful for Digital Forensics and Incident Response · ☆644 · Jun 19, 2024 · Updated last year
- A collection of resources for threat hunters · ☆914 · Oct 15, 2024 · Updated last year
- Library of threat hunts to get any user started! · ☆50 · Sep 4, 2020 · Updated 5 years ago
- MISP Workbench · ☆28 · Oct 19, 2016 · Updated 9 years ago
- Forensic Artifact Collection Tool Matrix · ☆95 · Nov 9, 2024 · Updated last year
- This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be… · ☆685 · Jul 6, 2024 · Updated last year
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… · ☆2,314 · Oct 31, 2025 · Updated 4 months ago
- Parses KAPE module files and downloads the binaries referenced by BinaryURL · ☆18 · Oct 2, 2019 · Updated 6 years ago
- CyCAT.org taxonomies · ☆15 · May 22, 2021 · Updated 4 years ago
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space . · ☆68 · Oct 2, 2023 · Updated 2 years ago
- D-Scan project for Office document analysis and generating a flow diagram of the macros in documents. For demo visit · ☆29 · Jan 10, 2026 · Updated last month
- Factual-rules-generator is an open source project which aims to generate YARA rules about the software installed on a machine. · ☆75 · Jan 18, 2022 · Updated 4 years ago
- Misc tools for VirusTotal interaction · ☆34 · Mar 2, 2018 · Updated 8 years ago
- Offensive Security Wireless Professional · ☆17 · Mar 14, 2020 · Updated 5 years ago
- ReversingLabs YARA Rules · ☆900 · Nov 3, 2025 · Updated 4 months ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response. · ☆40 · Mar 18, 2022 · Updated 3 years ago
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh… · ☆3,633 · Mar 1, 2026 · Updated last week
- BadExclusions is a tool to identify custom or undocumented folder exclusions in AV/EDR products · ☆21 · Feb 8, 2024 · Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell cmdlets, etc., plus workshops that I did for different conferences or event… · ☆77 · Jul 13, 2021 · Updated 4 years ago
- Threat Hunting & Incident Investigation with osquery · ☆216 · Mar 30, 2022 · Updated 3 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… · ☆4,492 · Jan 12, 2026 · Updated last month
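Two entries in the list above (the defanged IOC extractor and the fang/defang project) exist to convert indicators between their live and neutralised forms, so that feeds using different defanging conventions can be compared and so that an indicator pasted into a report cannot be clicked or resolved by accident. The following is an added example of that conversion written for this page; it is not code from either project. The function names (`fang`, `defang`, `normalize`) and the sample indicators are constructed for illustration and follow the common bracket conventions (`hxxp`, `[.]`, `[at]`, `[dot]`, `[:]`).

```python
import re

# Constructed sample feed (not taken from any of the listed repositories):
# the same URL appears once fanged and once defanged, plus an IP and an e-mail
# address in two different defanging styles.
SAMPLE_IOCS = [
    "hxxp://evil[.]example[.]com/payload.exe",
    "http://evil.example.com/payload.exe",
    "192[.]168[.]1[.]10",
    "attacker(at)example[dot]org",
]


def fang(ioc: str) -> str:
    """Turn a defanged indicator back into its live form.

    Handles the usual conventions: hxxp/hxxps/fxp schemes, a bracketed
    colon in the scheme separator, [.] (.) {.} [dot] (dot) for dots and
    [at] (at) for the @ in e-mail addresses. Unknown text passes through.
    """
    out = ioc.strip()
    # "hxxp[:]//" -> "hxxp://" must happen before the scheme rewrite below.
    out = re.sub(r"\[:\]", ":", out)
    out = re.sub(r"^hxxp(s?)://", r"http\1://", out, flags=re.IGNORECASE)
    out = re.sub(r"^fxp://", "ftp://", out, flags=re.IGNORECASE)
    out = re.sub(r"\[\.\]|\(\.\)|\{\.\}|\[dot\]|\(dot\)", ".", out, flags=re.IGNORECASE)
    out = re.sub(r"\[at\]|\(at\)", "@", out, flags=re.IGNORECASE)
    return out


def defang(ioc: str) -> str:
    """Neutralise an indicator so it is neither clickable nor resolvable.

    The input is fanged first, which makes the function idempotent: feeding
    an already-defanged value back in does not produce "[[.]]".
    Every dot is bracketed, including those in paths and file names, so the
    result never parses as a URL, host name or IP address.
    """
    out = fang(ioc)
    out = re.sub(r"^http(s?)://", r"hxxp\1://", out, flags=re.IGNORECASE)
    out = re.sub(r"^ftp://", "fxp://", out, flags=re.IGNORECASE)
    out = out.replace(".", "[.]")
    out = out.replace("@", "[at]")
    return out


def normalize(iocs) -> list:
    """Fang every indicator and drop duplicates and blanks.

    This is the step that lets indicators from sources using different
    defanging conventions be compared or matched against telemetry.
    """
    return sorted({fang(i) for i in iocs if i.strip()})


if __name__ == "__main__":
    for ioc in normalize(SAMPLE_IOCS):
        print(f"{ioc}  ->  {defang(ioc)}")
```

Match against telemetry only after `fang`, and write indicators into tickets or reports only after `defang`; mixing the two is how a defanged feed silently produces zero hits in a SIEM.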