Malwation / Chiron-Unpacker
Chiron Unpacker, developed by the Malwation MTR Team, is an Unpacker for Packers using the Assembly.Load function.
☆19Updated 6 months ago
Alternatives and similar repositories for Chiron-Unpacker:
Users that are interested in Chiron-Unpacker are comparing it to the libraries listed below
- OFFZONE 2024 Malware Persistence workshop☆17Updated 4 months ago
- ☆36Updated 4 months ago
- Lena's scripts/code/resources for malware analysis☆26Updated 10 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 2 months ago
- Situational Awareness script to identify how and where to run implants☆50Updated 4 months ago
- "Service-less" driver loading☆151Updated 4 months ago
- A simple commandline application to automatically decrypt strings from Obfuscator protected binaries☆42Updated 10 months ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Updated 5 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆68Updated this week
- ☆18Updated last month
- ☆66Updated 2 months ago
- ☆39Updated last month
- Windows Administrator level Implant.☆49Updated 6 months ago
- GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the func…☆41Updated last week
- some leaked src code for known and unknown malwares☆21Updated 3 weeks ago
- The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.☆57Updated last year
- POC of GITHUB simple C2 in rust☆53Updated 3 months ago
- ☆37Updated 2 months ago
- ☆66Updated this week
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- A collection of position independent coding resources☆77Updated 2 months ago
- Windows AppLocker Driver (appid.sys) LPE☆55Updated 8 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆102Updated 3 weeks ago
- ☆34Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆127Updated 3 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆60Updated this week
- Analyse MSI files for vulnerabilities☆129Updated 7 months ago