Macmod / malkom
Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.
☆16Updated last year
Alternatives and similar repositories for malkom:
Users that are interested in malkom are comparing it to the libraries listed below
- ☆18Updated 2 months ago
- Tool for obtaining information about PPL processes☆17Updated last year
- A collection of tools adversaries commonly use in an attack.☆14Updated 4 months ago
- ☆12Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 8 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- An injector that use PT_LOAD technique☆12Updated 2 years ago
- A tool that adds reproducible UUIDs to YARA rules☆13Updated 11 months ago
- Hash collisions and their exploitations☆9Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- ☆18Updated last year
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- A utility that can be used to launch an executable with a DLL injected☆18Updated last year
- Static Decryptor for IcedID Malware☆18Updated 2 years ago
- Identifies metadata of .NET binary files.☆21Updated last year
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆16Updated last year
- Parser for Windows PowerShell script block logs☆13Updated 3 months ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆17Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆17Updated last year
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆12Updated last year
- This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offer…☆14Updated 5 months ago
- A C# Tool to gather information about email breaches☆14Updated last year
- NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls☆11Updated 2 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Updated 2 years ago
- TL;DR: Mutate a binary to identify potential exploit candidates☆12Updated last year