“Intelliroot Code Injection Hunter” is a tool that can to help you identify injected malicious code. The tool can identify and extract possibly injected code from the processes on a LIVE windows system. The tool can be used for Threat Hunting, Malware Analysis and Incident Response.
☆16Sep 21, 2022Updated 3 years ago
Alternatives and similar repositories for InjectedCodeHunter
Users that are interested in InjectedCodeHunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Command-line tool to search for malware samples in various repositories☆13Mar 3, 2022Updated 4 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 3 years ago
- This Repository gives the best and possible strategies against hunting the ransomware☆26Aug 23, 2022Updated 3 years ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated last year
- Application for detecting command and control (C2) communication through network traffic analysis.☆16May 12, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- IAT Unhooking proof-of-concept☆34Apr 7, 2024Updated 2 years ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆39Dec 7, 2024Updated last year
- ☆16Oct 29, 2023Updated 2 years ago
- Packet Analysis on Steroids☆14Oct 20, 2022Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- urlyzer is a URL parsing analysis tool.☆24Jul 27, 2024Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- Sp00fer blog post -☆24Jul 19, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆37Feb 11, 2023Updated 3 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- ☆11Aug 7, 2021Updated 4 years ago
- Threat Hunting tool about Sysmon and graphs☆339May 28, 2023Updated 2 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still ne…☆12Sep 18, 2025Updated 7 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- WISKESS automates the Windows evidence processing for Incident Response investigations. Rust version.☆16Updated this week
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆77Apr 11, 2026Updated 2 weeks ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- ☆18Aug 19, 2021Updated 4 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆36Feb 2, 2022Updated 4 years ago
- Incident Response and Forensic on AWS☆20May 19, 2020Updated 5 years ago
- Pushes Sysmon Configs☆90Jun 11, 2021Updated 4 years ago
- Extract C2 Traffic☆254Nov 25, 2024Updated last year
- Set of scripts to index PCAP files and retrieve packets☆14Sep 10, 2015Updated 10 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A simple IDA Pro plugin to show all HexRays decompiler comments written by user☆23Sep 3, 2021Updated 4 years ago
- Dump stuff without touching disk☆165Oct 29, 2020Updated 5 years ago
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆36Nov 13, 2025Updated 5 months ago
- An example of COM hijacking using a proxy DLL.☆43Aug 17, 2021Updated 4 years ago
- ☆12Mar 28, 2026Updated last month
- Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them☆29Feb 23, 2024Updated 2 years ago
- ☆16Sep 23, 2021Updated 4 years ago