celyrin / cape-docker
Quickly deploy CAPEv2 Sandbox service in Docker
★19 · Updated last year
Alternatives and similar repositories for cape-docker
Users interested in cape-docker are comparing it to the repositories listed below.
- Living Off The Land Drivers · ★1,386 · Updated this week
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis · ★259 · Updated 3 weeks ago
- BYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology (CVE-2025-52915, CVE-2025-1055). · ★547 · Updated 3 months ago
- Centralized resource for listing and organizing known injection techniques and POCs · ★673 · Updated last week
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virtually all Windows syscalls. It also conta… · ★478 · Updated 7 months ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools · ★1,243 · Updated 2 years ago
- Cybersecurity research results. Simple C/C++ and Python implementations · ★290 · Updated last week
- CAPE core and community parsers · ★18 · Updated this week
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR · ★693 · Updated 3 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… · ★203 · Updated 4 months ago
- Dynamic unpacker based on PE-sieve · ★796 · Updated 4 months ago
- Extracted Yara rules from Windows Defender mpavbase and mpasbase · ★492 · Updated last month
- Important notes and topics on my journey towards mastering Windows Internals · ★426 · Updated last year
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VMs from malware that may be trying to evade analys… · ★425 · Updated last year
- Collect Windows telemetry for Maldev · ★455 · Updated last week
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. · ★587 · Updated 6 months ago
- Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv… · ★498 · Updated this week
- Assortment of hashing algorithms used in malware · ★389 · Updated 3 weeks ago
- A centralized and enhanced memory analysis platform · ★517 · Updated 6 months ago
- EDR Lab for Experimentation Purposes · ★1,409 · Updated 2 weeks ago
- [MAF - Malware Analysis Feed] This repository aims to collect useful scripts and rules for the detection of malware families analyzed by Z… · ★23 · Updated last year
- A utility for playing with cryptography, geared towards ransomware analysis. · ★318 · Updated 5 months ago
- The multi-platform memory acquisition tool. · ★942 · Updated 3 months ago
- Go symbol recovery tool · ★912 · Updated 3 weeks ago
- Collection of Volatility2 profiles, generated against Linux kernels. · ★54 · Updated 3 months ago
- Some of my publicly available Malware analysis and Reverse engineering. · ★929 · Updated last year
- Shoggoth: Asmjit Based Polymorphic Encryptor · ★778 · Updated last year
- Handbook of Windows forensic artifacts across multiple Windows versions with interpretation tips and some examples. Work in progress! · ★458 · Updated last year
- Reports in .MD format · ★21 · Updated 7 months ago