SentineLabs / Memloader

Related projects ⓘ

Alternatives and complementary repositories for Memloader

• OALabs / UnpacMe-IDA-Byte-Search
  UnpacMe IDA Byte Search
  ☆26Updated last year
• hasherezade / tag_converter
  ☆21Updated 3 years ago
• danielplohmann / empty_msvc
  A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
  ☆30Updated 5 months ago
• shamrockhoax / mazedecoder
  ☆28Updated 4 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆50Updated 2 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• Dump-GUY / Python3---Binary-Data-Manipulation
  Python 3 - Manipulation and conversation with different data type (Bytes operations)
  ☆27Updated 2 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• govcert-ch / ConfuserEx_IDAPython
  IDA Python deobfuscation script for ConfuserEx binaries
  ☆35Updated 2 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• idiom / stackstack
  ☆31Updated 2 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• hasherezade / pin_n_sieve
  An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
  ☆57Updated 3 months ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆31Updated 5 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 3 years ago
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆25Updated 4 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• Dump-GUY / tiny_tracer_tag_to_cutter
  ☆17Updated 2 years ago
• yardenshafir / MitigationFlagsCliTool
  Command like tool to print mitigation flags for running processes in a memory dump
  ☆44Updated 4 years ago
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆23Updated 2 years ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆31Updated last year
• KasperskyLab / Apihashes
  IDA Pro plugin for recognizing known hashes of API function names
  ☆82Updated 2 years ago
• tandasat / tandasat.github.io
  ☆19Updated 2 weeks ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆62Updated 7 months ago
• hidd3ncod3s / WindowsAPIhash
  Windows API Hashes used in the malwares
  ☆40Updated 9 years ago
• Internet-2-0 / Malcore-x64dbg
  This x64dbg plugin allows you to upload your sample to Malcore and view the results.
  ☆32Updated last year
• redplait / pexphide
  PoC for hiding PE exports
  ☆65Updated 3 years ago