f0wl / MalwareLab_VM-SetupLinks
Setup scripts for my Malware Analysis VMs
☆256Updated 3 years ago
Alternatives and similar repositories for MalwareLab_VM-Setup
Users that are interested in MalwareLab_VM-Setup are comparing it to the libraries listed below
Sorting:
- Code and yara rules to detect and analyze Cobalt Strike☆271Updated 4 years ago
- Exercise writeups from the book Practical Malware Analysis.☆230Updated 2 years ago
- Beta versions of my software☆263Updated 3 months ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆748Updated 3 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆582Updated last year
- ☆300Updated 4 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆508Updated 3 years ago
- APT Malware Dataset Containing over 3,500 State-Sponsored Malware Samples☆346Updated 2 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆918Updated 4 years ago
- ☆211Updated 3 months ago
- This repo is a collection of Ransomware reports from vendors, researchers, etc.☆119Updated 3 years ago
- ☆1,106Updated last year
- Quickly debug shellcode extracted during malware analysis☆612Updated 2 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆372Updated 4 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆714Updated 2 years ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆336Updated 2 years ago
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆431Updated last year
- Threat Intel IoCs + bits and pieces of dark matter☆417Updated 4 months ago
- ☆33Updated 7 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆289Updated 2 years ago
- ☆453Updated 4 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆178Updated 3 months ago
- Community modules for CAPE Sandbox☆103Updated last week
- Emulate and Dissect MSF and *other* attacks☆143Updated last year
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆202Updated 3 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆258Updated 2 years ago
- c2 traffic☆190Updated 2 years ago
- Pull some Malware samples here for other security researchers/malware analyst's to analyze and play with.☆173Updated last year
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 3 years ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆181Updated 2 months ago