A python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and security researchers who want to know what data is being exfiltrated to the C2, bot tracking, etc...
☆13Dec 31, 2021Updated 4 years ago
Alternatives and similar repositories for loki-parse
Users that are interested in loki-parse are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- UnpacMe IDA Byte Search☆29Nov 20, 2023Updated 2 years ago
- Python library for managing malware feeds and blacklists published online by third parties.☆10Nov 13, 2015Updated 10 years ago
- ☆31Apr 25, 2024Updated 2 years ago
- Binarly SDK v1☆14Dec 18, 2016Updated 9 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Binary Ninja plugin that uses bruteforced XFG hashes to recover precise function prototypes☆16Feb 7, 2024Updated 2 years ago
- A decentralized git profile like github built with React 💻👩💻💽 👨💻☆13Nov 26, 2019Updated 6 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- Proof-of-concept automated baremetal malware analysis framework.☆14Sep 24, 2015Updated 10 years ago
- Scripts for communication with Bunitu Trojan C&Cs☆19Oct 29, 2015Updated 10 years ago
- Demo applications for Isomorphic Layout Composer☆12Jan 10, 2025Updated last year
- A python script that can be used to scan data within in an IDB using Yara.☆23Sep 4, 2018Updated 7 years ago
- Vulnerable EDR☆26Nov 15, 2024Updated last year
- library to decode/parse zeus-like configuration files☆30Mar 19, 2018Updated 8 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- function identification signatures☆12Apr 26, 2021Updated 5 years ago
- Ida Pro plugin to aid in reverse engineering Rust binaries.☆19Dec 9, 2024Updated last year
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated 2 years ago
- ☆26Mar 22, 2023Updated 3 years ago
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated 2 years ago
- Tool to decrypt the configuration of NanoCore and dump all used plugins☆12Dec 8, 2020Updated 5 years ago
- ☆15Sep 30, 2025Updated 8 months ago
- Various scripts for different malware families☆106Apr 12, 2021Updated 5 years ago
- WIP☆10Jan 20, 2013Updated 13 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- IDA plugin to deobfuscate emotet CFF☆18Apr 26, 2022Updated 4 years ago
- ☆10Jan 4, 2015Updated 11 years ago
- ☆28Aug 31, 2014Updated 11 years ago
- Client of Richkware-Manager-Server, that obtains list of all hosts and is able to send commands to do at each of them.☆13Dec 28, 2025Updated 5 months ago
- A GC link parser for both linkfiles and jumplists.☆18Oct 28, 2016Updated 9 years ago
- Component Services Volatile Environment LPE☆12Jun 28, 2025Updated 11 months ago
- Attendance System using Flutter is a mobile application that streamlines attendance management in educational institutions through a QR c…☆12Nov 19, 2024Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆46Feb 24, 2023Updated 3 years ago
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation☆12Oct 27, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning.☆73Apr 30, 2026Updated last month
- 日前我发现了D-Link DIR 880L/865L/868L/860L路由器存在多个XSS和命令注入漏洞,最主要的问题是路由器未对用户输入进行检查,导致恶意数据请求被执行,最终被远程攻击者控制整个设备。☆11Mar 2, 2018Updated 8 years ago
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- Email search app that searchs many places for email accounts.☆18Jun 8, 2010Updated 16 years ago
- Code and notes regarding Malware Development☆11Oct 30, 2022Updated 3 years ago
- A windows kernel driver to Block symbolic link exploit used for privilege escalation.☆15Jul 30, 2020Updated 5 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Jul 2, 2020Updated 5 years ago