advanced-threat-research / Threat-Reports
Repository to store the Threat Reports made by the McAfee Enterprise ATR Team
☆ 10 · Oct 11, 2018 · Updated 7 years ago
Alternatives and similar repositories for Threat-Reports
Users interested in Threat-Reports are comparing it to the repositories listed below
- Repository containing IOCs, CSV and MISP JSON from our blogs · ☆ 83 · Aug 4, 2021 · Updated 4 years ago
- Allows you to add breakpoints from IDA (from the graph/text view) to WinDbg easily · ☆ 13 · Oct 10, 2018 · Updated 7 years ago
- Generate MAEC XML from Ero Carrera's pefile output · ☆ 15 · Mar 6, 2017 · Updated 8 years ago
- A tool to facilitate ROP Chain Development for XML Character Sanitization · ☆ 20 · May 9, 2019 · Updated 6 years ago
- Exploiting Edge's read:// urlhandler · ☆ 15 · Oct 23, 2021 · Updated 4 years ago
- OLE Package Format Documentation · ☆ 22 · Jun 13, 2020 · Updated 5 years ago
- C++ wrapper around KLEE and AFL for intelligent, coverage guided fuzzing. Developed while doing research at MWR Infosecurity · ☆ 18 · Aug 1, 2018 · Updated 7 years ago
- This tool will extract the opcodes from the .text section and display in different hex formats for different syntaxes. Works only with va… · ☆ 16 · Feb 9, 2016 · Updated 10 years ago
- Slides of 44Con 2018 · ☆ 22 · Oct 11, 2018 · Updated 7 years ago
- Python tool for bulk PDF feature extraction. This tool is a prototype. · ☆ 25 · Jan 9, 2017 · Updated 9 years ago
- Download all of Microsoft's security updates and symbols · ☆ 41 · Mar 31, 2016 · Updated 9 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings. · ☆ 22 · May 31, 2017 · Updated 8 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation · ☆ 25 · May 3, 2018 · Updated 7 years ago
- QEMU with rVMI extensions · ☆ 25 · Jul 25, 2017 · Updated 8 years ago
- REIL translation library · ☆ 36 · May 6, 2016 · Updated 9 years ago
- IOCs for CRASHOVERRIDE malware framework · ☆ 27 · Jun 15, 2017 · Updated 8 years ago
- A pure-python win32 debugger interface. · ☆ 28 · Jan 10, 2016 · Updated 10 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith) · ☆ 108 · Jul 29, 2021 · Updated 4 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions · ☆ 33 · Mar 25, 2021 · Updated 4 years ago
- Proof of Concepts provided by Source Incite · ☆ 36 · Aug 10, 2017 · Updated 8 years ago
- Repository of YARA rules made by Trellix ATR Team · ☆ 623 · Mar 18, 2025 · Updated 10 months ago
- Windows 10 UAC bypass PoC using LaunchInfSection · ☆ 35 · Aug 3, 2018 · Updated 7 years ago
- Command-line Interface for Binar.ly · ☆ 39 · Jan 13, 2017 · Updated 9 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation · ☆ 39 · Mar 15, 2017 · Updated 8 years ago
- Hidden monitoring and blocking Android apps · ☆ 10 · May 2, 2017 · Updated 8 years ago
- A "general-purpose" tracing tool · ☆ 39 · Jun 22, 2015 · Updated 10 years ago
- Just another tool to download specified Symbol (.pdb) files · ☆ 39 · Sep 4, 2019 · Updated 6 years ago
- A dirty IDAPython script to dump Windows system call number/name pairs as JSON · ☆ 36 · Feb 13, 2017 · Updated 9 years ago
- RemoteBridge is a library that allows you to access internal COM and JAVA objects used by third-party applications remotely. · ☆ 35 · Oct 11, 2017 · Updated 8 years ago
- A little WinDbg extension to help dump the state of Win32k Type Isolation structures. · ☆ 38 · Feb 2, 2018 · Updated 8 years ago
- PE32 binary + W32 payload · ☆ 11 · Jul 23, 2017 · Updated 8 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015 · ☆ 36 · May 4, 2016 · Updated 9 years ago
- A compendium of threat modeling and security testing resources for LLMs and GenAI agents · ☆ 19 · Oct 16, 2024 · Updated last year
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean. · ☆ 12 · Jun 18, 2021 · Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs · ☆ 10 · Sep 26, 2017 · Updated 8 years ago