Macmod / malkom
Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.
☆16Updated last year
Alternatives and similar repositories for malkom:
Users that are interested in malkom are comparing it to the libraries listed below
- Extension functionality for the NightHawk operator client☆27Updated last year
- ☆18Updated 2 months ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- A C# Tool to gather information about email breaches☆14Updated last year
- The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.☆16Updated 11 months ago
- A tool that adds reproducible UUIDs to YARA rules☆13Updated 11 months ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- Help deobfuscate VBScript☆15Updated 2 years ago
- Hash collisions and their exploitations☆9Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 8 months ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆12Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- An injector that use PT_LOAD technique☆12Updated 2 years ago
- TL;DR: Mutate a binary to identify potential exploit candidates☆12Updated last year
- ☆18Updated last year
- Parser for Windows PowerShell script block logs☆13Updated 3 months ago
- A collection of tools adversaries commonly use in an attack.☆14Updated 4 months ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- ☆16Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- ☆12Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Official repository for the Advanced Software Exploitation (ASE) course☆20Updated 6 years ago
- Tool for obtaining information about PPL processes☆17Updated last year
- Parser for Sdba memory pool tags☆18Updated 3 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Identifies metadata of .NET binary files.☆21Updated 11 months ago
- ☆12Updated 4 years ago
- A framework for easy payloads development and deployment, collection of customizable XSS payloads☆26Updated 3 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago