adamkramer / handle_monitorLinks
Identifying and Disrupting Crypto-Ransomware (and Destructive Malware) using handle heurustics
☆55Updated 10 years ago
Alternatives and similar repositories for handle_monitor
Users that are interested in handle_monitor are comparing it to the libraries listed below
Sorting:
- ransomware_begone☆42Updated 9 years ago
- Modified edition of cuckoomon☆49Updated 7 years ago
- zer0m0n driver for cuckoo sandbox☆24Updated 10 years ago
- zer0m0n driver for cuckoo sandbox☆88Updated 9 years ago
- Test suite for bypassing Malware sandboxes.☆39Updated 10 years ago
- ☆35Updated 7 years ago
- Ambush Host Intrusion Prevention System☆65Updated 11 years ago
- ☆52Updated 8 years ago
- MALM: Malware Monitor☆50Updated 12 years ago
- Public documents about bachelor thesis "Reverse Engineering Analysis of the NDIS 6.* stack"☆41Updated 9 years ago
- Implementation of the DIMVA 2017 publication "Quincy: Detecting Host-Based Code Injection Attacks in Memory Dumps"☆69Updated 3 years ago
- DEPRECATED - replaced with "monitor"☆122Updated 9 years ago
- Security Research and Development Framework☆106Updated 9 years ago
- Simple NTFS crawler.☆56Updated 8 years ago
- Automatically exported from code.google.com/p/malware-lu☆55Updated 6 years ago
- Tool to check if your computer is likely to be vulnerable to exploitable constant Read-Write-Execute (RWX) addresses (AVs vulnerability)☆52Updated 9 years ago
- Supporting Files on my analysis of the malware designated hdroot.☆59Updated 8 years ago
- Analysis PE file or Shellcode☆49Updated 9 years ago
- kernel exploitation helper class☆77Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- ☆109Updated 8 years ago
- Library and tools to access the Windows Event Log (EVT) format☆60Updated last year
- Detects code differentials between executables in disk and the corresponding processes/modules in memory☆115Updated 5 years ago
- QEMU with rVMI extensions☆25Updated 8 years ago
- Sample libraries to be used with IAT Patcher☆34Updated 2 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆55Updated 8 years ago
- ☆75Updated 8 years ago
- POC for IAT Parsing Payloads☆48Updated 8 years ago
- Various Yara signatures (possibly to be included in a release later).☆86Updated 6 years ago
- A boot record parser that identifies known good signatures for MBR, VBR and IPL.☆98Updated 5 months ago