embee-research / Icedid-file-decryptor
Static Decryptor for IcedID Malware
☆18Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Icedid-file-decryptor
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆35Updated 3 years ago
- Repo containing my public talks☆22Updated last year
- ☆22Updated 11 months ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 3 months ago
- ☆37Updated 3 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- aggregated repo for all conferences and talks I am giving☆17Updated 3 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- Reverse Engineering and Debugging Malware☆30Updated last year
- Identifies metadata of .NET binary files.☆21Updated 7 months ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆53Updated 5 months ago
- Dumping credentials through windbg and pykd☆38Updated last year
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆26Updated last month
- Create a cool process tree like https://twitter.com/ACEResponder.☆34Updated last year
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- Malware campaigns and APTs research by BlackArrow☆18Updated 4 years ago
- Lazarus analysis tools and research report☆55Updated 10 months ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated last year
- Continuous kerberoast monitor☆43Updated last year
- ☆26Updated 3 months ago
- Autopsy Module to analyze Registry Hives☆13Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Updated 2 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆53Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆90Updated 2 years ago
- ☆33Updated last year