dr4k0nia / tooling-playgroundLinks
A collection of small scripts and tools for deobfuscation and malware analysis.
☆66Updated 2 years ago
Alternatives and similar repositories for tooling-playground
Users that are interested in tooling-playground are comparing it to the libraries listed below
Sorting:
- ☆82Updated 9 months ago
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 8 months ago
- ☆29Updated last year
- PowerShell PE Parser☆63Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- ☆136Updated 2 years ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆134Updated last year
- ☆68Updated 2 years ago
- ☆84Updated 3 years ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆37Updated 6 months ago
- Reverse Engineering and Debugging Malware☆32Updated 2 years ago
- A collection of tools, scripts and personal research☆145Updated 2 weeks ago
- Configuration Extractors for Malware☆111Updated 4 months ago
- A Repository to Track Anti-Forensic Techniques☆111Updated 2 years ago
- ☆24Updated 6 months ago
- ☆120Updated last year
- A full analysis report detailing as much as possible of a Malware or a Threat☆30Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆46Updated 2 years ago
- Detection rule validation☆41Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆86Updated last month
- ☆68Updated 6 months ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆42Updated 11 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆91Updated 11 months ago
- Default Detections for EDR☆96Updated last year
- ☆38Updated 2 years ago
- ☆103Updated 9 months ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆34Updated last year