celyrin / cape-docker
Quickly deploy CAPEv2 Sandbox service in Docker
★ 17 · Updated last year
Alternatives and similar repositories for cape-docker
Users that are interested in cape-docker are comparing it to the libraries listed below
- BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology (CVE-2025-52915, CVE-2025-1055). ★ 497 · Updated 2 months ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis. ★ 248 · Updated last month
- Centralized resource for listing and organizing known injection techniques and POCs. ★ 665 · Updated 3 weeks ago
- Cybersecurity research results. Simple C/C++ and Python implementations. ★ 287 · Updated this week
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ★ 202 · Updated 3 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools. ★ 1,230 · Updated 2 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… ★ 474 · Updated 6 months ago
- CAPE core and community parsers. ★ 17 · Updated this week
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… ★ 424 · Updated 11 months ago
- Extracted Yara rules from Windows Defender mpavbase and mpasbase. ★ 484 · Updated 3 weeks ago
- Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv… ★ 476 · Updated last month
- Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress! ★ 445 · Updated last year
- A curated list of resources for Volatility 2 & 3. ★ 13 · Updated last year
- Living Off The Land Drivers. ★ 1,355 · Updated 3 weeks ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR. ★ 691 · Updated 2 months ago
- A centralized and enhanced memory analysis platform. ★ 511 · Updated 5 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ★ 580 · Updated 5 months ago
- Collection of Volatility2 profiles, generated against Linux kernels. ★ 54 · Updated 2 months ago
- (no description) ★ 380 · Updated last week
- A utility for playing with cryptography, geared towards ransomware analysis. ★ 316 · Updated 4 months ago
- Collect Windows telemetry for Maldev. ★ 449 · Updated 2 months ago
- EDR Lab for Experimentation Purposes. ★ 1,399 · Updated 2 months ago
- Shoggoth: Asmjit Based Polymorphic Encryptor. ★ 771 · Updated last year
- Some of my publicly available Malware analysis and Reverse engineering. ★ 925 · Updated last year
- Assortment of hashing algorithms used in malware. ★ 387 · Updated 2 months ago
- Python tool to check rootkits in Windows kernel. ★ 204 · Updated 4 months ago
- Go symbol recovery tool. ★ 879 · Updated last month
- Now You See Me, Now You Don't. ★ 1,010 · Updated last week
- (no description) ★ 409 · Updated last year
- Dynamic unpacker based on PE-sieve. ★ 791 · Updated 3 months ago