f0wl / MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
☆252Updated 3 years ago
Alternatives and similar repositories for MalwareLab_VM-Setup:
Users that are interested in MalwareLab_VM-Setup are comparing it to the libraries listed below
- Code and yara rules to detect and analyze Cobalt Strike☆264Updated 3 years ago
- Exercise writeups from the book Practical Malware Analysis.☆202Updated last year
- ☆1,047Updated last year
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆736Updated 3 years ago
- Quickly debug shellcode extracted during malware analysis☆594Updated last year
- Expriments☆452Updated 5 months ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆904Updated 3 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆577Updated 10 months ago
- Hunts out CobaltStrike beacons and logs operator command output☆914Updated 6 months ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆397Updated 8 months ago
- ☆295Updated 3 years ago
- Beta versions of my software☆249Updated last year
- c2 traffic☆188Updated 2 years ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆322Updated last year
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆707Updated 2 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆487Updated 2 years ago
- Scan installed EDRs and AVs on Windows☆579Updated last year
- ☆748Updated last year
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆367Updated 3 years ago
- Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.☆458Updated 10 months ago
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆115Updated 2 years ago
- ☆411Updated 2 years ago
- Personal research and publication on malware families☆137Updated 3 months ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆163Updated 5 months ago
- ☆447Updated 3 years ago
- Small and convenient C2 tool for Windows targets. [ Русский -- значит нахуй! ]☆597Updated 3 years ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆454Updated 3 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆518Updated 3 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆449Updated 2 years ago
- IOC from articles, tweets for archives☆313Updated last year