SafeBreach-Labs / spacebin
Spacebin is a proof-of-concept malware that exfiltrates data (from No Direct Internet Access environments) via triggering AV on the endpoint and then communicating back from the AV's cloud component.
☆86Updated 7 years ago
Alternatives and similar repositories for spacebin:
Users that are interested in spacebin are comparing it to the libraries listed below
- Proof-of-concept two-stage dropper generator that uses bits from external sources☆99Updated 7 years ago
- ☆97Updated 9 years ago
- ☆59Updated 5 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆106Updated 5 years ago
- ☆108Updated 8 years ago
- Data Exfiltration and Command Execution via AAAA Records☆67Updated 8 years ago
- IR-Tools - PowerShell tools for IR☆130Updated 7 years ago
- Python tools for IOC (Indicator of Compromise) handling☆96Updated 3 years ago
- Credential Phish Analysis and Automation☆96Updated 6 years ago
- Tool/service to detect Man in the Middle attacks with Canary Requests☆55Updated 8 years ago
- BTG's purpose is to make fast and efficient search on IOC☆70Updated 6 years ago
- Some IR notes☆73Updated 8 years ago
- Computer Network Defender's Toolkit, specializing in active defense techniques.☆7Updated 5 years ago
- ☆46Updated 8 years ago
- A warehouse for your malware☆134Updated 11 years ago
- A Windows priviledge escalation tool (abusing race conditions)☆79Updated 9 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆82Updated 7 years ago
- Various public documents, whitepapers and articles about APT campaigns☆54Updated 9 years ago
- Quick tool for using Hybrid Analysis API on command line..☆17Updated 7 years ago
- ☆68Updated 7 years ago
- A powershell script for creating a Windows honeyport.☆88Updated 2 weeks ago
- Query Active Directory for Workstations and then pull their Wireless Network Passwords☆46Updated 7 years ago
- A python script used to parse the SAM registry hive.☆72Updated 7 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- a Malware/Threat Analyst Desktop☆89Updated 9 years ago
- Proof-of-concept JavaScript malware implemented as a Proxy Auto-Configuration (PAC) File☆160Updated 8 years ago
- Clustering NMAP XML results to help make sense of large scan results.☆33Updated 2 years ago
- Command line tool for scanning streams within office documents plus xor db attack☆126Updated last year
- ☆73Updated 2 years ago