☆19Aug 6, 2021Updated 4 years ago
Alternatives and similar repositories for Introduction-to-Process-Hollowing
Users that are interested in Introduction-to-Process-Hollowing are comparing it to the libraries listed below
Sorting:
- ☆10Jul 1, 2023Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Aug 24, 2022Updated 3 years ago
- Spawn SYSTEM shells like a PRO!☆10Mar 8, 2023Updated 3 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Dec 11, 2023Updated 2 years ago
- Utilities for use with IP. It has functions for IPv4, IPv6 and CIDR.☆15May 31, 2024Updated last year
- function identification signatures☆12Apr 26, 2021Updated 4 years ago
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated last year
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated last year
- Unused DLL hollowing PoC in Nim☆17Jan 31, 2022Updated 4 years ago
- Cyber Threat Intelligence☆78Dec 7, 2025Updated 3 months ago
- Tool to decrypt the configuration of NanoCore and dump all used plugins☆12Dec 8, 2020Updated 5 years ago
- AWS EKS Cluster Forensics☆23Aug 16, 2021Updated 4 years ago
- IDA plugin to deobfuscate emotet CFF☆18Apr 26, 2022Updated 3 years ago
- This program will take encrypted shell code and decrypt it in run time and inject it into another process☆29Mar 24, 2022Updated 3 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 3, 2023Updated 3 years ago
- A python script that can detect and parse loki-bot (malware) related network traffic. This script can be helpful to DFIR analysts and sec…☆13Dec 31, 2021Updated 4 years ago
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆31Jan 21, 2024Updated 2 years ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- A small utility to deal with malware embedded hashes.☆53Sep 21, 2023Updated 2 years ago
- Fork of Synacktiv's private Lumina server☆21Feb 22, 2022Updated 4 years ago
- A simple gui library for Nim programming language based on Windows API☆30Jan 20, 2026Updated 2 months ago
- A tiny macro library for protecting sensitive strings in compiled binaries☆40Oct 8, 2024Updated last year
- morphHTA - Morphing Cobalt Strike's evil.HTA☆10Jun 3, 2017Updated 8 years ago
- sideloading PoC using onedrive.exe & version.dll☆93Oct 30, 2025Updated 4 months ago
- Exploit POC for CVE-2024-22026 affecting Ivanti EPMM "MobileIron Core"☆15May 15, 2024Updated last year
- Emulation Wrapper Solution is a IDA Pro plugin that brings emulator capacities to provide features such as debugging an mocking.☆23May 25, 2023Updated 2 years ago
- Ergonomic GMP Integers for Nim☆10Sep 1, 2023Updated 2 years ago
- Nim implementation of Simple Serialize (SSZ) serialization and merkleization☆10Updated this week
- GraphViz dot files into Figma☆14Oct 24, 2025Updated 4 months ago
- indent guides plugin for hex-rays decompiler☆81Mar 10, 2026Updated last week
- ☆15Feb 18, 2022Updated 4 years ago
- ☆23May 24, 2024Updated last year
- ☆13Oct 29, 2022Updated 3 years ago
- A teminal othello (reversi) in Nim.☆11May 2, 2021Updated 4 years ago