A Python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and security researchers who want to know what data is being exfiltrated to the C2, do bot tracking, etc.
☆13 · Dec 31, 2021 · Updated 4 years ago
Alternatives and similar repositories for loki-parse
Users that are interested in loki-parse are comparing it to the libraries listed below
- UnpacMe IDA Byte Search ☆29 · Nov 20, 2023 · Updated 2 years ago
- ☆24 · Apr 25, 2024 · Updated last year
- Python library for managing malware feeds and blacklists published online by third parties. ☆10 · Nov 13, 2015 · Updated 10 years ago
- Binarly SDK v1 ☆14 · Dec 18, 2016 · Updated 9 years ago
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- A Binary Ninja plugin that uses bruteforced XFG hashes to recover precise function prototypes ☆16 · Feb 7, 2024 · Updated 2 years ago
- A decentralized git profile like github built with React 💻👩💻💽 👨💻 ☆13 · Nov 26, 2019 · Updated 6 years ago
- A small tool to unmap PE memory dumps. ☆11 · Nov 9, 2023 · Updated 2 years ago
- Proof-of-concept automated baremetal malware analysis framework. ☆14 · Sep 24, 2015 · Updated 10 years ago
- Scripts for communication with Bunitu Trojan C&Cs ☆19 · Oct 29, 2015 · Updated 10 years ago
- Demo applications for Isomorphic Layout Composer ☆12 · Jan 10, 2025 · Updated last year
- A Python script that can be used to scan data within an IDB using Yara. ☆23 · Sep 4, 2018 · Updated 7 years ago
- Vulnerable EDR ☆24 · Nov 15, 2024 · Updated last year
- library to decode/parse zeus-like configuration files ☆30 · Mar 19, 2018 · Updated 8 years ago
- function identification signatures ☆12 · Apr 26, 2021 · Updated 4 years ago
- IDA Pro plugin to aid in reverse engineering Rust binaries. ☆19 · Dec 9, 2024 · Updated last year
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES ☆13 · Apr 8, 2024 · Updated last year
- ☆25 · Mar 22, 2023 · Updated 2 years ago
- Notes some analysis related to VidarStealer sample ☆16 · May 5, 2024 · Updated last year
- Tool to decrypt the configuration of NanoCore and dump all used plugins ☆12 · Dec 8, 2020 · Updated 5 years ago
- Various scripts for different malware families ☆106 · Apr 12, 2021 · Updated 4 years ago
- WIP ☆10 · Jan 20, 2013 · Updated 13 years ago
- IDA plugin to deobfuscate emotet CFF ☆18 · Apr 26, 2022 · Updated 3 years ago
- ☆10 · Jan 4, 2015 · Updated 11 years ago
- ☆28 · Aug 31, 2014 · Updated 11 years ago
- Client of Richkware-Manager-Server, that obtains list of all hosts and is able to send commands to do at each of them. ☆13 · Dec 28, 2025 · Updated 2 months ago
- A GC link parser for both linkfiles and jumplists. ☆18 · Oct 28, 2016 · Updated 9 years ago
- Component Services Volatile Environment LPE ☆12 · Jun 28, 2025 · Updated 8 months ago
- Attendance System using Flutter is a mobile application that streamlines attendance management in educational institutions through a QR c… ☆12 · Nov 19, 2024 · Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆46 · Feb 24, 2023 · Updated 3 years ago
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation ☆12 · Oct 27, 2020 · Updated 5 years ago
- Code snippets for Qiling Tutorials ☆21 · Aug 22, 2020 · Updated 5 years ago
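- I recently found multiple XSS and command injection vulnerabilities in D-Link DIR 880L/865L/868L/860L routers. The main problem is that the router does not check user input, so malicious data requests are executed and a remote attacker ultimately takes control of the whole device. ☆11 · Mar 2, 2018 · Updated 8 years ago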
- Email search app that searches many places for email accounts. ☆18 · Jun 8, 2010 · Updated 15 years ago
- A Windows kernel driver to block symbolic link exploit used for privilege escalation. ☆15 · Jul 30, 2020 · Updated 5 years ago
- Python tool and library to help analyze files during malware triage and analysis. ☆78 · Jul 2, 2020 · Updated 5 years ago
- ☆19 · Aug 6, 2021 · Updated 4 years ago
- Template for asynchronously controlling meterpreter sessions ☆13 · Jun 19, 2018 · Updated 7 years ago
- Proof of concept about the privilege escalation flaw identified in Google's Osconfig ☆10 · Sep 20, 2020 · Updated 5 years ago