Macmod / malkom
Malkom is an extensible and simple similarity graph generator for malware analysis aimed at helping analysts visualize and cluster sets of PE and ELF malware samples.
☆16Updated 2 years ago
Alternatives and similar repositories for malkom:
Users that are interested in malkom are comparing it to the libraries listed below
- Tool for obtaining information about PPL processes☆17Updated last year
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- A collection of my presentation materials.☆17Updated 11 months ago
- ☆12Updated 2 years ago
- ☆18Updated 3 months ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- A collection of tools adversaries commonly use in an attack.☆14Updated 5 months ago
- ☆18Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆12Updated last year
- A custom SentinelOne USB scanner.☆18Updated 3 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 9 months ago
- A utility that can be used to launch an executable with a DLL injected☆18Updated last year
- Hash collisions and their exploitations☆9Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- ☆12Updated 4 years ago
- A tool that adds reproducible UUIDs to YARA rules☆13Updated last year
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Updated last year
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 2 years ago
- Progress of learning kernel development☆14Updated 2 years ago
- WMI SA stuffs☆29Updated 3 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆18Updated 4 months ago
- Malware campaigns and APTs research by BlackArrow☆18Updated 4 years ago
- My nim learning experiments☆11Updated 2 years ago
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆26Updated 3 weeks ago
- Official repository for the Advanced Software Exploitation (ASE) course☆20Updated 6 years ago