aelth / dementia-forensics
Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on Microsoft Windows operating system
☆10, updated 4 years ago

Related projects:
- Converts exported results of the CAPA tool from .json format to other formats supported by different tools. (☆21, updated 2 years ago)
- Parser for a custom executable format from Hidden Bee malware (first stage). (☆39, updated last week)
- Rekall Memory Forensic Framework. (☆29, updated 5 years ago)
- A simple provider to analyse what gets passed into Microsoft's Anti-Malware Scan Interface. (☆13, updated 4 years ago)
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation. (☆25, updated 6 years ago)
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv. (☆19, updated 6 years ago)
- Code that can be used as a reference, library, or inspiration for hacking Windows memory. (☆50, updated 4 years ago)
- Library for Windows XML Event Log (EVTX) data types. (☆16, updated 2 months ago)
- Self-Loading Registration Free COM Functions. (☆11, updated 4 years ago)
- Malware vulnerability research. Coming soon. (☆12, updated 4 years ago)
- Another Portable Executable files analysing stuff. (☆18, updated 13 years ago)
- NT AUTHORITY\SYSTEM. (☆37, updated 4 years ago)
- Kernel mode Windows NT API logger. (☆21, updated 5 years ago)
- Generates YARA rules to detect malware using API hashing. (☆17, updated 3 years ago)
- Dumps information about all the callback objects found in a dump file and the functions registered for them. (☆32, updated 3 years ago)
- Antivirus Emulator Fingerprints. (☆25, updated 5 years ago)
- Windows GPU rootkit PoC by Team Jellyfish. (☆35, updated 9 years ago)
- Reflective DLL Injection style process infector. (☆19, updated 6 years ago)
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection. (☆28, updated 3 years ago)
- A ready-made template for a project based on libpeconv. (☆40, updated last year)
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals. (☆14, updated 4 years ago)
- Tool to decrypt the configuration of NanoCore and dump all used plugins. (☆10, updated 3 years ago)