fr0gger / unprotectLinks
Unprotect is a python tool for parsing PE malware and extract evasion techniques.
☆118Updated 2 years ago
Alternatives and similar repositories for unprotect
Users that are interested in unprotect are comparing it to the libraries listed below
Sorting:
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆130Updated last year
- Malware similarity platform with modularity in mind.☆78Updated 4 years ago
- Malware Configuration Extraction Modules☆51Updated last year
- Capa analysis importer for Ghidra.☆63Updated 4 years ago
- A golang CLI tool to download malware from a variety of sources.☆150Updated 3 months ago
- TA505 unpacker Python 2.7☆47Updated 5 years ago
- Various capabilities for static malware analysis.☆79Updated last year
- Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.☆75Updated 4 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Updated 2 years ago
- Automatic YARA rule generation for Malpedia☆162Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 3 years ago
- Userland API monitor for threat hunting☆58Updated 5 years ago
- Unpacking and decryption tools for the Emotet malware☆45Updated 3 years ago
- MAEC Schemas and Schema Development☆88Updated 5 years ago
- ☆27Updated 3 years ago
- Standardized Malware Analysis Tool☆55Updated 4 years ago
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Updated 4 years ago
- API Logger for Windows Executables☆79Updated 5 years ago
- A summary about different projects/presentations/tools to test how to evade malware sandbox systems☆55Updated 6 years ago
- Ghidra plugin for https://analyze.intezer.com☆72Updated 3 years ago
- A curated list of malware repositories, trackers and malware analysis tools☆88Updated 2 years ago
- ☆84Updated 5 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆112Updated 4 years ago
- A small utility to deal with malware embedded hashes.☆52Updated 2 years ago
- ☆27Updated 2 years ago
- Royal Road RTF Weaponizer object decoder☆24Updated last year
- ☆109Updated last month
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆107Updated 5 months ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆141Updated 3 years ago