azrilrahim / cryptolocker-dgaLinks
this is Crytolocket Malware Domain Generation Algorithm (DGA). Cryptolocker uses DGA to generate 1000 to 10000 unique domain names for its bots or C&C per day. This cmd line contains reverse engineered seed from GoZ and should be able to generate the same DGA results. This code is a part of my research on Cyber Threat Intelligence. GNU open sour…
☆14Updated 9 years ago
Alternatives and similar repositories for cryptolocker-dga
Users that are interested in cryptolocker-dga are comparing it to the libraries listed below
Sorting:
- SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interfa…☆75Updated 9 years ago
- ☆16Updated 10 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Slack/Microsoft Teams notification for new Empire/Meterpreter checkins☆25Updated last year
- A WebDAV PROPFIND covert channel to deliver payloads☆52Updated 8 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆56Updated last year
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆48Updated 8 years ago
- NCC Group Ransomware Simulator☆69Updated 9 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems☆55Updated 7 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 7 years ago
- Gophish Python cli to perform huge phishing campaigns☆39Updated 7 years ago
- C&C to deliver files and shuttle command execution instructions between an external actor and an internal agent with the help of Firefox …☆38Updated 3 years ago
- ☆63Updated 9 years ago
- A Linux RAT in C☆33Updated 7 years ago
- A set of compiled application restriction bypasses☆30Updated 8 years ago
- Slides from my talk "whoami /priv" at Romhack 2018�☆39Updated 7 years ago
- PowerShell Empire module for logging USB keystrokes via ETW☆32Updated 9 years ago
- ☆11Updated 7 years ago
- Python wrapper for the Mitre ATT&CK framework API☆30Updated 7 years ago
- When CactusTorch meets WebDavDelivery and obfuscation☆63Updated 8 years ago
- Automatically parses and attacks BloodHound-generated graphs☆43Updated 7 years ago
- C# code for Transferring Backdoor Payloads by DNS Traffic (A - PTR Records) and Bypassing Anti-viruses☆45Updated 2 years ago
- Socks5 server over Websockets☆40Updated 7 years ago
- Async'ly gather unique usernames thru null SMB sessions and bruteforce them with 2 passwords☆51Updated 8 years ago
- CVE-2017-8570 Exploit☆21Updated 8 years ago
- Сollection of TCL scripts for Cisco IOS penetration testing☆67Updated 7 years ago
- Various snippets created during malware analysis☆22Updated 7 years ago
- The ORIGINAL decrypted copies of the Shadow Broker's equation_drug release. Contains Equation group's espionage DLL implants library. Use…☆26Updated 8 years ago
- SilkETW & SilkService☆40Updated 6 years ago
- ☆17Updated 8 years ago