f0wl / MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
☆253 · Updated 3 years ago
Alternatives and similar repositories for MalwareLab_VM-Setup
- Code and YARA rules to detect and analyze Cobalt Strike ☆268 · Updated 4 years ago
- Scan files or process memory for Cobalt Strike beacons and parse their configuration ☆910 · Updated 3 years ago
- (no description) ☆1,068 · Updated last year
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. ☆740 · Updated 3 years ago
- Extract and deobfuscate XLM macros (a.k.a. Excel 4.0 macros) ☆581 · Updated last year
- Quickly debug shellcode extracted during malware analysis ☆604 · Updated 2 years ago
- (no description) ☆299 · Updated 4 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into ca… ☆410 · Updated 11 months ago
- Exercise writeups from the book Practical Malware Analysis ☆227 · Updated last year
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a Cobalt Strike server with fake beacons ☆369 · Updated 3 years ago
- Hunts out Cobalt Strike beacons and logs operator command output ☆927 · Updated 9 months ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆331 · Updated 2 years ago
- Beta versions of my software ☆255 · Updated last week
- Analysis of malware and cyber threat intel of APT and cybercriminal groups ☆708 · Updated 2 years ago
- (no description) ☆754 · Updated last year
- Project for identifying executables and DLLs vulnerable to relative path DLL hijacking ☆470 · Updated last year
- A protective and low-level shellcode loader that defeats modern EDR systems ☆909 · Updated last year
- Detect and respond to Cobalt Strike beacons using ETW ☆500 · Updated 2 years ago
- Evade Sysmon and Windows event logging ☆624 · Updated 5 years ago
- eBook "Bypassing AVs by C#.NET Programming" (free chapters only) ☆467 · Updated 2 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations ☆345 · Updated 4 years ago
- PoCs for shellcode injection via callbacks ☆407 · Updated 4 years ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs ☆755 · Updated last year
- Skrull is a malware DRM that prevents automatic sample submission by AV/EDR and signature scanning from the kernel. It generates launchers t… ☆457 · Updated 3 years ago
- Small and convenient C2 tool for Windows targets. [ Russian -- means fuck off! ] ☆611 · Updated 3 years ago
- Experiments ☆463 · Updated 8 months ago
- Evasive shellcode loader for bypassing event-based injection detection (PoC) ☆778 · Updated 3 years ago
- IOCs from articles and tweets, for archives ☆313 · Updated last year
- Personal research and publications on malware families ☆139 · Updated 5 months ago
- (no description) ☆452 · Updated 3 years ago