Some of my Malware Analysis writeups
☆48Oct 3, 2025Updated 5 months ago
Alternatives and similar repositories for malware-analysis-writeups
Users that are interested in malware-analysis-writeups are comparing it to the libraries listed below
Sorting:
- Some Cyber Security related scripts☆18Jul 18, 2023Updated 2 years ago
- Spawn SYSTEM shells like a PRO!☆10Mar 8, 2023Updated 3 years ago
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- MalBox is a quick and dirty setup to create a malware analysis VM☆14Aug 27, 2024Updated last year
- A tiny macro library for protecting sensitive strings in compiled binaries☆40Oct 8, 2024Updated last year
- A library for quickly and easily encrypting strings and text file content.☆12Jul 1, 2021Updated 4 years ago
- Powershell sandboxing utility☆20Mar 2, 2026Updated 2 weeks ago
- Extracting AsyncRAT configuration using CyberChef☆14May 4, 2022Updated 3 years ago
- Nim process hollowing loader☆62Jul 22, 2025Updated 8 months ago
- ☆10Jul 1, 2023Updated 2 years ago
- Ghidra Script for automated analysis of EMOTET☆17Feb 3, 2021Updated 5 years ago
- Explore and filter your GitHub starred repositories☆25Dec 5, 2023Updated 2 years ago
- Nimbo-C2 is yet another (simple and lightweight) C2 framework☆438Jan 29, 2026Updated last month
- This is the official repository for Basic Malware Analysis Course☆20Jan 11, 2022Updated 4 years ago
- RegStrike is a .reg payload generator☆58Sep 19, 2023Updated 2 years ago
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated last year
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- A kernel driver to get a Handle to virtually *every* process☆13Jan 16, 2024Updated 2 years ago
- Unpacking and decryption tools for the Emotet malware☆44Dec 5, 2021Updated 4 years ago
- Reproducing the SkeletonKey malware.☆11Apr 6, 2024Updated last year
- Rootless keylogger for X☆33Oct 18, 2019Updated 6 years ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Code files for CSD 310☆15Aug 19, 2023Updated 2 years ago
- Provides server-side before/after hooks for Meteor methods☆11Jan 12, 2016Updated 10 years ago
- ☆19Aug 6, 2021Updated 4 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 7 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Feb 29, 2024Updated 2 years ago
- ☆13Oct 21, 2022Updated 3 years ago
- VMware Workspace ONE Access and Identity Manager RCE via SSTI - Test script for shodan, file or manual.☆16Feb 13, 2024Updated 2 years ago
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆20Oct 2, 2020Updated 5 years ago
- ☆17Jan 21, 2026Updated 2 months ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- shared samples from #dailyphish and/or #apt tweets☆41Sep 3, 2025Updated 6 months ago
- ☆24Mar 12, 2025Updated last year
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆25Jul 14, 2024Updated last year
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- Retrieve inner payloads from Donut samples☆123Mar 12, 2026Updated last week
- ☆65May 26, 2023Updated 2 years ago
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆23Oct 30, 2024Updated last year