R3MRUM / loki-parseLinks
A python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and security researchers who want to know what data is being exfiltrated to the C2, bot tracking, etc...
☆13Updated 3 years ago
Alternatives and similar repositories for loki-parse
Users that are interested in loki-parse are comparing it to the libraries listed below
Sorting:
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago
- Various scripts for different malware families☆106Updated 4 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 7 years ago
- a modified version base on Tracecorn☆20Updated 5 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆56Updated 8 years ago
- A Maltego transform for VirusTotal Submitter Information☆35Updated 6 years ago
- API functions for Malware Research☆35Updated 6 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆87Updated 8 years ago
- Automatically exported from code.google.com/p/malware-lu☆55Updated 6 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆41Updated 6 years ago
- Collection of my Python Scripts☆41Updated 5 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Updated 6 years ago
- Another Repo of Malware. Enjoy. <3☆59Updated 6 years ago
- UAC 0Day all day!☆57Updated 8 years ago
- A one-click tool to inject jobs into the BITS queue (Background Intelligent Transfer Service), allowing arbitrary program execution as th…☆100Updated 6 years ago
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆129Updated 11 years ago
- API Tracker by Cysinfo Team☆22Updated 8 years ago
- Smart DLL execution for malware analysis in sandbox systems☆144Updated 10 years ago
- ☆53Updated 8 years ago
- Various snippets created during malware analysis☆22Updated 7 years ago
- Modified edition of cuckoo community modules☆32Updated 6 years ago
- Transfer EIP control to shellcode during malware analysis investigation☆77Updated 10 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Analysis PE file or Shellcode☆50Updated 9 years ago
- PoC malware built by copy-paste☆25Updated 4 years ago
- ☆43Updated 6 years ago
- Handy scripts to speed up malware analysis☆35Updated 2 years ago
- Advanced Portable Executable File Analyzer And Disassembler 32 & 64 Bit☆100Updated 6 years ago
- Yet another Python library to read and write PE/PE+ files.☆78Updated 9 years ago