azrilrahim / cryptolocker-dga
This is the Cryptolocker malware Domain Generation Algorithm (DGA). Cryptolocker uses a DGA to generate 1000 to 10000 unique domain names for its bots or C&C per day. This cmd line contains the reverse-engineered seed from GoZ and should be able to generate the same DGA results. This code is a part of my research on Cyber Threat Intelligence. GNU open sour…
☆13 Updated 8 years ago
Alternatives and similar repositories for cryptolocker-dga:
Users that are interested in cryptolocker-dga are comparing it to the libraries listed below
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research ☆53 Updated 6 years ago
- Various snippets created during malware analysis ☆22 Updated 6 years ago
- ☆23 Updated 4 years ago
- PowerShell script which will take any payload and put it in a bat script which delivers the payload. The payload is delivered using e… ☆52 Updated 9 months ago
- Slack/Microsoft Teams notification for new Empire/Meterpreter checkins ☆25 Updated 2 months ago
- A WebDAV PROPFIND covert channel to deliver payloads ☆53 Updated 7 years ago
- Mimikatz HashClash ☆12 Updated 9 years ago
- Gmail Knocker ☆21 Updated 7 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 Updated 5 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes. ☆42 Updated 7 years ago
- CVE-2017-8570 Exploit ☆21 Updated 7 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems ☆48 Updated 6 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i… ☆29 Updated 6 years ago
- Data exfiltration using reflective DNS resolution covert channel ☆51 Updated 7 years ago
- ☆15 Updated 3 years ago
- ☆31 Updated 4 years ago
- Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the on… ☆15 Updated 2 years ago
- ☆15 Updated 9 years ago
- Forked and updated with some additional features over the original ☆16 Updated 3 years ago
- Fimap post-exploitation plugin that injects dave Rel1k's AES HTTP Reverse Shell ☆16 Updated 10 years ago
- A set of compiled application restriction bypasses ☆29 Updated 7 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps. ☆15 Updated 7 years ago
- Simple demo of using C# & System.Management.Automation.dll to run PowerShell code (b64 encoded) without powershell.exe ☆13 Updated 7 years ago
- Impacket is a collection of Python classes for working with network protocols. ☆17 Updated 4 years ago
- This script is used for extracting DDE in docx and xlsx ☆12 Updated 7 years ago
- Random source codes ☆25 Updated 4 years ago
- A pyobfuscate fork made specifically to randomize and obfuscate Python-based payloads ☆13 Updated 9 years ago
- Empire HTTP(S) C2 redirector setup script ☆47 Updated 6 years ago
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation ☆16 Updated 6 years ago
- A cross platform tool for verifying credentials and executing single commands ☆32 Updated 5 years ago