f0wl / blackCatConf
Configuration Extractor for BlackCat Ransomware
☆30Updated 3 years ago
Alternatives and similar repositories for blackCatConf:
Users that are interested in blackCatConf are comparing it to the libraries listed below
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆37Updated 3 years ago
- ☆26Updated 4 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆26Updated last month
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆15Updated 3 months ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆55Updated 2 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- ☆34Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated last year
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆44Updated 2 years ago
- ☆14Updated 11 months ago
- ☆24Updated 2 years ago
- Python wrappers for mal_unpack☆35Updated last year
- Yara Rules for Modern Malware☆75Updated last year
- ☆10Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- Collection of my own detection rules☆17Updated last year
- Golang bindings for PE-sieve☆42Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52Updated 10 months ago
- quASAR: ASAR manipulation made easy☆34Updated 2 years ago
- Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk☆45Updated 3 years ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Updated 2 years ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- Tools for offensive security of NetBackup infrastructures☆39Updated last year
- ☆22Updated 10 months ago
- Modular malware analysis artifact collection and correlation framework☆53Updated 11 months ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago