Unprotect-Project / Unprotect_Submission
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective efforts. By contributing, you’ll help strengthen the project and push the boundaries of what we can achieve together.
☆165 Updated 2 months ago
Alternatives and similar repositories for Unprotect_Submission
Users that are interested in Unprotect_Submission are comparing it to the libraries listed below
- A ProcessMonitor visualization application written in Rust. ☆180 Updated last year
- ☆114 Updated last month
- ☆257 Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆144 Updated 10 months ago
- ☆223 Updated 4 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆116 Updated 10 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs. ☆311 Updated last year
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows ☆215 Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆342 Updated 3 months ago
- Collect Windows telemetry for Maldev ☆352 Updated 3 months ago
- Python tool to check rootkits in Windows kernel ☆196 Updated 3 months ago
- Finding secrets in kernel and user memory ☆116 Updated last year
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆231 Updated last year
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) … ☆108 Updated 4 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆114 Updated 2 years ago
- ☆247 Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆212 Updated 2 years ago
- Slides & Code snippets for a workshop held @ x33fcon 2024 ☆260 Updated 11 months ago
- Admin to Kernel code execution using the KSecDD driver ☆250 Updated last year
- Analyse your malware to surgically obfuscate it ☆469 Updated last week
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ☆392 Updated 3 weeks ago
- Repository of Yara Rules ☆111 Updated last month
- WTSRM ☆211 Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆338 Updated 9 months ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… ☆106 Updated 3 months ago
- ☆158 Updated last month
- Source code of exploiting windows API for red teaming series ☆148 Updated 2 years ago
- Configuration Extractors for Malware ☆106 Updated last month
- Tools for analyzing EDR agents ☆228 Updated 11 months ago
- ☆131 Updated last year