freakick22 / SpyAI
Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame
☆28Updated this week
Alternatives and similar repositories for SpyAI:
Users that are interested in SpyAI are comparing it to the libraries listed below
- Rule Engine for Dynamic Malware Analysis and Research☆23Updated last week
- ☆29Updated last month
- Lena's scripts/code/resources for malware analysis☆26Updated 10 months ago
- ☆42Updated 3 weeks ago
- ☆18Updated last month
- Windows AppLocker Driver (appid.sys) LPE☆55Updated 8 months ago
- ☆18Updated 3 months ago
- ☆39Updated last month
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆26Updated 3 weeks ago
- ☆35Updated last month
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆57Updated last year
- Situational Awareness script to identify how and where to run implants☆50Updated 4 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 2 months ago
- The Frida-Jit-unPacker aims at helping researchers and analysts understand the behavior of packed malicious .NET samples.☆57Updated last year
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆24Updated 8 months ago
- Work in progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C☆39Updated 5 years ago
- BYOVD Technique Example using viragt64 driver☆38Updated 9 months ago
- Mentally ill EtwTi parser☆36Updated 3 weeks ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆34Updated 4 months ago
- A more reliable way of resolving syscall numbers in Windows☆49Updated last year
- A pure C version of SymProcAddress☆27Updated last year
- ☆16Updated 2 months ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆20Updated last year
- ☆54Updated 6 months ago
- ☆30Updated 4 months ago
- A synergized Visual Studio and Rust development environment☆18Updated 3 months ago
- ALPChecker - a tool to detect spoofing and blinding attacks on the ALPC interaction☆13Updated 2 years ago
- Parent Process ID Spoofing, coded in CGo.☆22Updated 9 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Updated 2 years ago