anyrun / blog-scripts
☆18 · Updated last month
Related projects:
- Native Python3 bindings for @horsicq's Detect-It-Easy ☆40 · Updated 3 weeks ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆42 · Updated last year
- Configuration Extractors for Malware ☆51 · Updated 2 weeks ago
- Scripts, Yara rules and other files developed during malware investigations ☆24 · Updated 2 years ago
- ☆22 · Updated 3 months ago
- IDA Pro plugin to aid with the analysis of native IIS modules ☆13 · Updated last month
- A robust, multiprocessing-capable, multi-family RAT config parser/config extractor for AsyncRAT, DcRAT, VenomRAT, QuasarRAT, XWorm, Xeno … ☆29 · Updated last month
- Tool to decrypt the configuration of NanoCore and dump all used plugins ☆10 · Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆80 · Updated last year
- ☆26 · Updated last month
- Golang bindings for PE-sieve ☆40 · Updated 10 months ago
- ☆25 · Updated 10 months ago
- ☆21 · Updated last year
- Invoke-DetectItEasy is a wrapper for the excellent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics. ☆23 · Updated 2 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers ☆61 · Updated 2 years ago
- Get-PDInvokeImports is a tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u… ☆50 · Updated 2 years ago
- Winbindex bot to pull in binaries for specific releases ☆44 · Updated last year
- Small visualizer for PE files ☆66 · Updated last year
- A small tool to unmap PE memory dumps. ☆11 · Updated 10 months ago
- Repo containing my public talks ☆22 · Updated last year
- Small tool to play with IOCs caused by Imageload events ☆37 · Updated last year
- A collection of shellcode hashes ☆17 · Updated 6 years ago
- IDA Python scripts ☆26 · Updated 8 months ago
- Unpacker for donut shellcode ☆10 · Updated 4 years ago
- A small utility to deal with malware embedded hashes. ☆48 · Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis ☆13 · Updated last year
- ☆18 · Updated 5 months ago
- Modular malware analysis artifact collection and correlation framework ☆49 · Updated 4 months ago
- C# implementation to produce ROR-13 numeric hash for given function API name ☆31 · Updated 5 years ago
- Decode Royal Road RTF Weaponizer 8.t object ☆22 · Updated 2 months ago