Unprotect-Project / Unprotect_Submission
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, you’ll help strengthen the project and push the boundaries of what we can achieve together.
☆167 Updated 4 months ago
Alternatives and similar repositories for Unprotect_Submission
Users that are interested in Unprotect_Submission are comparing it to the libraries listed below
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆155 Updated last year
- ☆113 Updated 2 weeks ago
- A ProcessMonitor visualization application written in Rust. ☆181 Updated last year
- Python tool to check rootkits in Windows kernel ☆198 Updated 5 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆117 Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆214 Updated 2 years ago
- Repository of Yara Rules ☆114 Updated 3 months ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows ☆216 Updated 2 years ago
- ☆171 Updated 3 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs. ☆313 Updated last year
- ☆235 Updated last month
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆401 Updated last month
- Tools for analyzing EDR agents ☆238 Updated last year
- Analyse your malware to surgically obfuscate it ☆484 Updated 2 months ago
- ☆260 Updated 2 years ago
- PowerShell Linter ☆68 Updated this week
- Collect Windows telemetry for Maldev ☆379 Updated last week
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆350 Updated 5 months ago
- ☆105 Updated last year
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… ☆107 Updated 5 months ago
- ☆67 Updated 6 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024 ☆261 Updated last year
- PowerDecode is a PowerShell-based tool that allows deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs… ☆198 Updated last year
- Configuration Extractors for Malware ☆110 Updated 3 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆116 Updated 2 years ago
- ☆136 Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver ☆252 Updated last year
- A dynamic unpacking tool ☆137 Updated last year
- Important notes and topics on my journey towards mastering Windows Internals ☆401 Updated last year
- Tools and PoCs for Windows syscall investigation. ☆361 Updated last month