Unprotect-Project / Unprotect_Submission
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, you’ll help strengthen the project and push the boundaries of what we can achieve together.
☆173 Updated 5 months ago
Alternatives and similar repositories for Unprotect_Submission
Users that are interested in Unprotect_Submission are comparing it to the libraries listed below
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆160 Updated last year
- A ProcessMonitor visualization application written in Rust. ☆183 Updated 2 years ago
- ☆113 Updated 2 months ago
- Python tool to check rootkits in Windows kernel ☆201 Updated 3 weeks ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆217 Updated 2 years ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆119 Updated last year
- ☆174 Updated 4 months ago
- ☆263 Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows ☆217 Updated 3 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆417 Updated 2 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs. ☆317 Updated 2 years ago
- ☆239 Updated 3 months ago
- Collect Windows telemetry for Maldev ☆416 Updated last week
- Repository of Yara Rules ☆115 Updated 5 months ago
- ☆133 Updated 2 years ago
- Tools for analyzing EDR agents ☆249 Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024 ☆268 Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆355 Updated 7 months ago
- ☆69 Updated 7 months ago
- Source code of exploiting windows API for red teaming series ☆151 Updated 2 years ago
- Important notes and topics on my journey towards mastering Windows Internals ☆409 Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules ☆122 Updated this week
- Configuration Extractors for Malware ☆113 Updated 4 months ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) … ☆111 Updated 4 years ago
- Analyse your malware to surgically obfuscate it ☆497 Updated 3 months ago
- Conti Locker source code ☆195 Updated 3 years ago
- ☆105 Updated last year
- ETW based POC to identify direct and indirect syscalls ☆188 Updated 2 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆115 Updated 2 years ago
- A golang CLI tool to download malware from a variety of sources. ☆150 Updated 2 months ago