aguinet / petya2017_notes
Notes about reverse engineering the Petya2017 ransomware
☆18Updated 7 years ago
Related projects: ⓘ
- Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.☆26Updated 7 years ago
- ☆12Updated 7 years ago
- Making shellcode UD - https://osandamalith.com☆25Updated 8 years ago
- Decoders for 7ev3n ransomware☆14Updated 7 years ago
- ☆22Updated this week
- module for certexfil☆15Updated 2 years ago
- ☆36Updated 4 years ago
- Techniques that i have used to evade anti-virus during pen tests.☆13Updated 6 years ago
- ☆15Updated this week
- Simple shellcode injector.☆13Updated 5 years ago
- ☆14Updated this week
- Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…☆35Updated 7 years ago
- ☆15Updated this week
- Brute-force script for finding azorult XOR key.☆14Updated 5 years ago
- ☆21Updated 3 years ago
- ☆11Updated this week
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- ☆10Updated 7 years ago
- ☆13Updated this week
- ☆24Updated 6 years ago
- Antivirus Emulator Fingerprints☆25Updated 5 years ago
- ☆22Updated 7 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆25Updated 6 years ago
- ☆17Updated 6 years ago
- ☆10Updated this week
- My collection of unpackers for malware packers/crypters☆28Updated 7 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25Updated 6 years ago
- ☆41Updated 6 years ago
- Experimental: Windows .text section compare - disk versus memory☆14Updated 9 years ago
- The ORIGINAL decrypted copies of the Shadow Broker's equation_drug release. Contains Equation group's espionage DLL implants library. Use…☆18Updated 6 years ago