dr4k0nia / tooling-playgroundLinks
A collection of small scripts and tools for deobfuscation and malware analysis.
☆66Updated 2 years ago
Alternatives and similar repositories for tooling-playground
Users that are interested in tooling-playground are comparing it to the libraries listed below
Sorting:
- Yara Rules for Modern Malware☆77Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆82Updated last year
- PowerShell PE Parser☆63Updated 11 months ago
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- ☆119Updated last year
- A collection of tools, scripts and personal research☆131Updated 2 months ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆41Updated 9 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 6 months ago
- A collection of my yara rules☆34Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆80Updated 9 months ago
- ☆20Updated last year
- ☆81Updated 7 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 4 months ago
- ☆85Updated 2 years ago
- ☆27Updated 6 months ago
- Default Detections for EDR☆96Updated last year
- Create and enumerate hidden desktops.☆90Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Updated 5 years ago
- Configuration Extractors for Malware☆106Updated 2 months ago
- ☆100Updated 7 months ago
- Reverse Engineering and Debugging Malware☆32Updated 2 years ago
- Bypass Malware Time Delays☆102Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- ☆136Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆62Updated last year
- a tiny program to consume from ETW providers for research☆49Updated 5 months ago
- Simple PowerShell script to enable process scanning with Yara.☆94Updated 2 years ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆93Updated last year