Scripts and rulesets for analysing the Winnti malware
☆24Jul 24, 2019Updated 6 years ago
Alternatives and similar repositories for 2019-winnti-analyse
Users that are interested in 2019-winnti-analyse are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A project in Golang that will create prefix-based magic MD5 hashes for type juggling.☆21Jul 29, 2018Updated 7 years ago
- Decodes PlugX traffic and encrypted/compressed artifacts☆38Apr 29, 2013Updated 13 years ago
- Empfehlungen für die Veröffentlichung von Open Source-Projekten bei BR Data☆26Jan 31, 2020Updated 6 years ago
- QEMU with rVMI extensions☆26Jul 25, 2017Updated 8 years ago
- pocket guide for core threat hunting concepts☆23May 6, 2020Updated 6 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Nmap Script to scan for Winnti infections☆71May 22, 2018Updated 8 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆27Dec 20, 2019Updated 6 years ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆22Nov 4, 2022Updated 3 years ago
- Socks5 proxy server by golang☆11Oct 10, 2019Updated 6 years ago
- ☆12Nov 3, 2020Updated 5 years ago
- ☆15Oct 25, 2022Updated 3 years ago
- Carving tool based in Radare2 & Yara☆16Oct 30, 2018Updated 7 years ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆136Jan 24, 2019Updated 7 years ago
- Thor Artifacts for Velociraptor☆19Dec 2, 2025Updated 7 months ago
- dawg the hallway monitor - monitor operating system changes and analyze introduced attack surface when installing software☆55Nov 14, 2019Updated 6 years ago
- Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs.☆22Jul 27, 2018Updated 7 years ago
- Multicore EVTX to Elasticsearch ingestor for incident responders.☆14May 12, 2021Updated 5 years ago
- Simple shellcode decoder using unicorn-engine☆101Oct 17, 2015Updated 10 years ago
- Threat Alert Logic Repository☆93Feb 7, 2019Updated 7 years ago
- Various short scripts and tools used for Digital Forensics☆14Apr 13, 2025Updated last year
- NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure☆15Mar 14, 2014Updated 12 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆12Sep 4, 2013Updated 12 years ago
- Burp plugin that clusters responses to show an overview of received responses☆15Jun 7, 2019Updated 7 years ago
- 🪓 High-Speed Log Analysis & Forensics Tool - Part of NullSec Toolkit☆81Apr 16, 2026Updated 2 months ago
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆16Apr 10, 2024Updated 2 years ago
- A PowerShell module for creating and removing Loopback Network Adapters on Windows using Device Conslole (DevCon.exe)☆15Feb 26, 2021Updated 5 years ago
- PowerShell tool to triage systems☆12May 17, 2023Updated 3 years ago
- An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, fo…☆13Aug 19, 2022Updated 3 years ago
- Historical Observations of Actionable Reputation Data☆13Jun 26, 2018Updated 8 years ago
- Static unpacker for FinSpy VM☆103Jul 11, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Various public documents, whitepapers and articles about APT campaigns☆55Apr 1, 2016Updated 10 years ago
- Visual Basic GUI: A Tool to Inject Keystrokes on a SSH Client via an X11 Forwarded Session☆63Mar 13, 2018Updated 8 years ago
- GCNotify is an Outlook addin for quickly forwarding mail as attachment to a pre-defined e-mail address.☆12Jan 17, 2023Updated 3 years ago
- Windows Application Attack Surface Analyzer☆25Feb 22, 2024Updated 2 years ago
- mOrc is a post-exploitation framework for macOS written in Bash☆19Apr 19, 2023Updated 3 years ago
- Upload a PDF to the reMarkable over SSH, useful for large PDFs that cause the web interface to hang or timeout☆15Mar 17, 2021Updated 5 years ago
- ☆23Oct 9, 2024Updated last year