embee-research / IcedID
Static Decryptor for IcedID Malware
☆18Updated last year
Related projects: ⓘ
- ☆22Updated 9 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 2 months ago
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- ☆26Updated last month
- Slides from my talk at the Adversary Village, Defcon 30☆28Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆34Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆53Updated last year
- Reverse Engineering and Debugging Malware☆28Updated last year
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- Repo containing my public talks☆22Updated last year
- This repo hosts a poc of how to execute F# code within an unmanaged process☆64Updated 2 months ago
- ☆17Updated this week
- My Malware Analysis Reports☆18Updated 2 years ago
- ☆50Updated this week
- Malicious Macro attack techniques for red teamers☆15Updated 3 years ago
- ☆17Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆32Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- aggregated repo for all conferences and talks I am giving☆17Updated 2 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Tools helpful for malware analysis☆22Updated last month
- A fast wordlist to nthash converter☆21Updated 2 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆59Updated 2 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆77Updated 7 months ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆30Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆86Updated last year
- ☆22Updated 2 years ago
- Dumping credentials through windbg and pykd☆38Updated 11 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago