f0wl / MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
☆243Updated 2 years ago
Related projects: ⓘ
- Code and yara rules to detect and analyze Cobalt Strike☆262Updated 3 years ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆722Updated 2 years ago
- ☆1,008Updated 9 months ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆894Updated 3 years ago
- Hunts out CobaltStrike beacons and logs operator command output☆870Updated 2 weeks ago
- Beta versions of my software☆245Updated 11 months ago
- ☆718Updated 11 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆568Updated 4 months ago
- Exercise writeups from the book Practical Malware Analysis.☆192Updated last year
- Scan installed EDRs and AVs on Windows☆554Updated last year
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆305Updated last year
- Detect and respond to Cobalt Strike beacons using ETW.☆478Updated 2 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆365Updated 3 years ago
- Quickly debug shellcode extracted during malware analysis☆547Updated last year
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆697Updated last year
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆376Updated 2 months ago
- Self-developed tools for Lateral Movement/Code Execution☆685Updated 3 years ago
- ☆183Updated 2 weeks ago
- ☆288Updated 3 years ago
- A method of bypassing EDR's active projection DLL's by preventing entry point exection☆1,094Updated 3 years ago
- Expriments☆438Updated 4 months ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆513Updated 2 years ago
- ☆1,980Updated last year
- ☆401Updated 2 years ago
- Some notes and examples for cobalt strike's functionality☆969Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks☆1,412Updated last year
- C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.☆991Updated 2 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs☆659Updated 6 months ago
- collect for learning cases☆563Updated 3 months ago
- ☆1,457Updated 2 weeks ago