azrilrahim / cryptolocker-dgaLinks
this is Crytolocket Malware Domain Generation Algorithm (DGA). Cryptolocker uses DGA to generate 1000 to 10000 unique domain names for its bots or C&C per day. This cmd line contains reverse engineered seed from GoZ and should be able to generate the same DGA results. This code is a part of my research on Cyber Threat Intelligence. GNU open sour…
☆14Updated 9 years ago
Alternatives and similar repositories for cryptolocker-dga
Users that are interested in cryptolocker-dga are comparing it to the libraries listed below
Sorting:
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems☆55Updated 6 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆41Updated 6 years ago
- ☆15Updated 4 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- The ORIGINAL decrypted copies of the Shadow Broker's equation_drug release. Contains Equation group's espionage DLL implants library. Use…☆18Updated 7 years ago
- SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interfa…☆75Updated 8 years ago
- Community-based integrated malware identification system☆82Updated 2 years ago
- Slack/Microsoft Teams notification for new Empire/Meterpreter checkins☆25Updated 10 months ago
- Another Repo of Malware. Enjoy. <3☆59Updated 6 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- A Maltego transform for VirusTotal Submitter Information☆35Updated 6 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆47Updated 8 years ago
- Rekall Forensics and Incident Response Framework with rVMI extensions☆33Updated 4 years ago
- ☆26Updated 5 years ago
- ☆65Updated 8 years ago
- NCC Group Ransomware Simulator☆69Updated 9 years ago
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆131Updated 11 years ago
- MoP - "Master of Puppets" - Advanced malware tracking framework☆82Updated last year
- ☆16Updated 10 years ago
- Various snippets created during malware analysis☆22Updated 7 years ago
- Execute shellcode and evade AV detection with python.☆15Updated 9 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Updated 6 years ago
- Dll injection for executable file☆14Updated 9 years ago
- Liberating dem proprietary APT implants☆20Updated 5 years ago
- Proof of concept communications from C# via a web browser process☆21Updated 6 years ago
- API Tracker by Cysinfo Team☆22Updated 8 years ago
- Parses Java Cache IDX files☆39Updated 7 years ago
- Automated script to search in SMB protocol for availables pipe names☆23Updated 7 years ago
- C&C to deliver files and shuttle command execution instructions between an external actor and an internal agent with the help of Firefox …☆38Updated 2 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆52Updated last year