Macmod / malkomLinks
Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.
☆16Updated 2 years ago
Alternatives and similar repositories for malkom
Users that are interested in malkom are comparing it to the libraries listed below
Sorting:
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- ☆11Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- A collection of tools adversaries commonly use in an attack.☆14Updated 9 months ago
- A tool that adds reproducible UUIDs to YARA rules☆13Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- Simple and efficient file shredding☆14Updated 5 years ago
- An injector that use PT_LOAD technique☆12Updated 2 years ago
- Volatility 3 plugins to extract a module as complete as possible☆12Updated 2 years ago
- ☆12Updated 3 years ago
- Sources Codes of many Office Malwares☆17Updated 3 years ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Updated 2 years ago
- ☆18Updated last year
- The repository accompanying the Buer Emulation workshop☆24Updated 4 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 3 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆17Updated 2 years ago
- Help deobfuscate VBScript☆16Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Updated 2 years ago
- Tool for obtaining information about PPL processes☆17Updated last year
- ☆17Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls☆11Updated 3 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems.☆22Updated 11 months ago
- ☆18Updated 8 months ago
- Collection of generic YARA rules☆16Updated last month
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆15Updated last year
- Golang C2 Agent PoC utilizing web and social media paltforms to issue command and control and pasting results to PasteBin☆16Updated 5 years ago