Unpacking and decryption tools for the Emotet malware
☆44 · Dec 5, 2021 · Updated 4 years ago
Alternatives and similar repositories for DeMotet
Users that are interested in DeMotet are comparing it to the libraries listed below
- Simple script to help you find all files that have been modified, accessed, and created in a time range. ☆27 · Dec 1, 2022 · Updated 3 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations ☆46 · Nov 1, 2021 · Updated 4 years ago
- Hundred Days of Yara Challenge ☆12 · Jun 21, 2022 · Updated 3 years ago
- Threat Detection Rules (Snort/Sigma/Yara) ☆14 · Jan 23, 2024 · Updated 2 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations) ☆28 · Feb 15, 2022 · Updated 4 years ago
- ☆14 · Aug 21, 2022 · Updated 3 years ago
- ☆23 · May 23, 2024 · Updated last year
- ☆26 · Sep 29, 2022 · Updated 3 years ago
- ☆15 · Feb 22, 2021 · Updated 5 years ago
- ☆19 · Sep 21, 2020 · Updated 5 years ago
- ☆15 · Nov 25, 2021 · Updated 4 years ago
- ☆18 · Mar 26, 2024 · Updated last year
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff ☆58 · Sep 15, 2025 · Updated 5 months ago
- Threat Box Assessment Tool ☆19 · Aug 15, 2021 · Updated 4 years ago
- ☆22 · Dec 22, 2020 · Updated 5 years ago
- Scripts to aid analysis of files obfuscated with ScatterBee. ☆24 · Jan 6, 2023 · Updated 3 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve ☆63 · Aug 21, 2024 · Updated last year
- A set of YARA rules for the AIL framework to detect leak or information disclosure ☆41 · Jan 31, 2025 · Updated last year
- IDA plugin for quickly copying disassembly as encoded hex bytes ☆65 · Feb 5, 2022 · Updated 4 years ago
- A small tool to unmap PE memory dumps. ☆11 · Nov 9, 2023 · Updated 2 years ago
- WslinkVMAnalyzer is a tool to facilitate analysis of code protected by a virtual machine featured in Wslink malware ☆48 · Jun 5, 2022 · Updated 3 years ago
- Random hunting oriented yara rules ☆96 · Mar 27, 2023 · Updated 2 years ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- Cobalt Strike DNS beacon parser ☆11 · Nov 29, 2021 · Updated 4 years ago
- Provides a multi-platform Graphical User Interface for hashlookup ☆12 · Jul 12, 2024 · Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆10 · Feb 17, 2025 · Updated last year
- Misc malware stuff ☆11 · Sep 30, 2020 · Updated 5 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 6 years ago
- Notebooks created to attack and secure Active Directory environments ☆27 · Nov 18, 2019 · Updated 6 years ago
- ransomware_begone ☆42 · Mar 15, 2016 · Updated 9 years ago
- Active C2 IoCs ☆99 · Nov 28, 2022 · Updated 3 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ... ☆141 · Nov 19, 2023 · Updated 2 years ago
- ☆23 · Aug 10, 2020 · Updated 5 years ago
- JPCERT/CC public YARA rules repository ☆109 · Nov 14, 2025 · Updated 3 months ago
- Some rules, scripts of some use to us ☆11 · Oct 25, 2024 · Updated last year
- function identification signatures ☆12 · Apr 26, 2021 · Updated 4 years ago
- Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations ☆12 · Dec 9, 2022 · Updated 3 years ago
- gundog - guided hunting in Microsoft Defender ☆52 · Apr 29, 2021 · Updated 4 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added). ☆29 · Jun 14, 2022 · Updated 3 years ago