R3MRUM / loki-parse
A Python script that can detect and parse Loki-Bot (malware) related network traffic. This script can be helpful to DFIR analysts and security researchers who want to know what data is being exfiltrated to the C2, for bot tracking, etc.
☆13, updated 3 years ago
Alternatives and similar repositories for loki-parse
Users that are interested in loki-parse are comparing it to the libraries listed below
- Collection of my Python scripts (☆41, updated 4 years ago)
- Shows command lines used by the latest instances analyzed on Hybrid-Analysis (☆43, updated 6 years ago)
- Various snippets created during malware analysis (☆22, updated 7 years ago)
- This script is used for extracting DDE in docx and xlsx (☆12, updated 7 years ago)
- Work fast with the pattern-matching Swiss knife for malware researchers (☆38, updated 9 years ago)
- A modified version based on Tracecorn (☆20, updated 5 years ago)
- Analyze a PE file or shellcode (☆49, updated 8 years ago)
- Resolves DLL API entrypoints for a process, with remote query capabilities (☆55, updated 7 years ago)
- TA505 unpacker, Python 2.7 (☆47, updated 4 years ago)
- A Maltego transform for VirusTotal Submitter Information (☆35, updated 6 years ago)
- A repo to hold some scripts pertaining to WMI (Windows implementation of WBEM) forensics (☆86, updated 7 years ago)
- Malware.lu configuration extractor (☆25, updated 11 years ago)
- Volatility plugins (☆21, updated 10 years ago)
- ASERT shared scripts for reversing (☆32, updated 7 years ago)
- Process HTTP pcaps with YARA (☆103, updated 11 years ago)
- Handy scripts to speed up malware analysis (☆35, updated last year)
- A collection of YARA signatures that I have found around the web (☆11, updated 9 years ago)
- Simple DDE object detector (☆56, updated 7 years ago)
- (no description) (☆22, updated 7 years ago)
- HackSys Extreme Vulnerable Driver - StackOverflow exploit (☆31, updated 8 years ago)
- Tools to enumerate Windows Firewall Hook Drivers on Windows 2000, XP and 2003 (☆20, updated 10 years ago)
- A Rekall interactive document for a Memory Analysis workshop/course (☆43, updated 8 years ago)
- IDA Pro plugin that renames functions on load, based on functionality (☆19, updated 7 years ago)
- API functions for malware research (☆35, updated 5 years ago)
- Yaras Random (☆20, updated 6 years ago)
- Automatically exported from code.google.com/p/malware-lu (☆55, updated 6 years ago)
- A tool to generate YARA signatures from function blocks (☆19, updated 10 years ago)
- Modified edition of Cuckoo community modules (☆32, updated 5 years ago)
- Hansel - a simple but flexible search for IDA (☆25, updated 5 years ago)
- An offensive PowerShell console (☆30, updated 9 years ago)