dr4k0nia / tooling-playgroundLinks
A collection of small scripts and tools for deobfuscation and malware analysis.
☆66Updated 2 years ago
Alternatives and similar repositories for tooling-playground
Users that are interested in tooling-playground are comparing it to the libraries listed below
Sorting:
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- PowerShell PE Parser☆63Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆84Updated 3 weeks ago
- ☆20Updated last year
- ☆118Updated last year
- ☆81Updated 8 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 7 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆37Updated 5 months ago
- ☆136Updated 2 years ago
- ☆67Updated 2 years ago
- A collection of tools, scripts and personal research☆140Updated last month
- Default Detections for EDR☆96Updated last year
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆135Updated last year
- A Repository to Track Anti-Forensic Techniques☆110Updated 2 years ago
- Powershell implementation of a novel technique. Invoke-GPTObfuscation is a PowerShell Obfuscator that utilizes OpenAI (and other APIs) to…☆49Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆89Updated 11 months ago
- Configuration Extractors for Malware☆110Updated 3 months ago
- A full analysis report detailing as much as possible of a Malware or a Threat☆30Updated last year
- a tiny program to consume from ETW providers for research☆50Updated 7 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆126Updated last year
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆34Updated last year
- ☆67Updated 6 months ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆39Updated 3 years ago
- Create and enumerate hidden desktops.☆90Updated last year
- Yara Rules for Modern Malware☆78Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- ☆85Updated 2 years ago
- A collection of my yara rules☆34Updated 2 years ago
- ☆38Updated 2 years ago
- Reverse Engineering and Debugging Malware☆32Updated 2 years ago