blackarrowsec / malware-researchLinks
Malware campaigns and APTs research by BlackArrow
☆18Updated 5 years ago
Alternatives and similar repositories for malware-research
Users that are interested in malware-research are comparing it to the libraries listed below
Sorting:
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- ☆12Updated 4 years ago
- Data EXfiltration TestER☆21Updated 5 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆19Updated 4 years ago
- ☆18Updated 4 years ago
- Dumping credentials through windbg and pykd☆41Updated last year
- ☆24Updated 5 years ago
- Exploits made practicing for OSCE☆23Updated 4 years ago
- Sp00fer blog post -☆26Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆52Updated 3 years ago
- ☆24Updated 3 years ago
- Repository for LNK stuff☆31Updated 2 years ago
- Work in Progress repo☆14Updated 6 years ago
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Updated last year
- AMSI detection PoC☆32Updated 5 years ago
- Remote Desktop Protocol .NET Console Application for Authenticated Command Execution☆12Updated 5 years ago
- ☆36Updated 5 years ago
- Event Data Collector☆37Updated 3 weeks ago
- A PowerShell script to prevent Sysmon from writing its events☆16Updated 5 years ago
- Continuous kerberoast monitor☆45Updated last year
- just manipulatin these here tokens yes sir nothing weird☆22Updated 3 years ago
- Malicious DLL Generator in Py3☆26Updated 5 years ago
- ☆17Updated 5 years ago
- A shellcode generator with encryption, encoding and polymorphism facilities built-in☆33Updated 3 years ago
- This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.☆15Updated 3 years ago
- Machine learning enabled dropper☆27Updated 2 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- A mini project to exfiltrate data via QR codes☆19Updated this week
- A collection of my presentation materials.☆17Updated last year