Some of my Malware Analysis writeups
☆47Oct 3, 2025Updated 4 months ago
Alternatives and similar repositories for malware-analysis-writeups
Users that are interested in malware-analysis-writeups are comparing it to the libraries listed below
Sorting:
- Some Cyber Security related scripts☆18Jul 18, 2023Updated 2 years ago
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- Spawn SYSTEM shells like a PRO!☆10Mar 8, 2023Updated 2 years ago
- MalBox is a quick and dirty setup to create a malware analysis VM☆14Aug 27, 2024Updated last year
- Powershell sandboxing utility☆20Feb 2, 2026Updated 3 weeks ago
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated last year
- A library for quickly and easily encrypting strings and text file content.☆12Jul 1, 2021Updated 4 years ago
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- A kernel driver to get a Handle to virtually *every* process☆13Jan 16, 2024Updated 2 years ago
- Sleep obfuscation for shellcode implants and their reflective shit☆53Sep 19, 2023Updated 2 years ago
- Nim process hollowing loader☆62Jul 22, 2025Updated 7 months ago
- Reproducing the SkeletonKey malware.☆11Apr 6, 2024Updated last year
- A tiny macro library for protecting sensitive strings in compiled binaries☆40Oct 8, 2024Updated last year
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 6 months ago
- Ghidra Script for automated analysis of EMOTET☆17Feb 3, 2021Updated 5 years ago
- shared samples from #dailyphish and/or #apt tweets☆41Sep 3, 2025Updated 5 months ago
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆20Oct 2, 2020Updated 5 years ago
- A tool collection of various attacks on TLS based on TLS-Attacker☆21Jun 25, 2025Updated 8 months ago
- ☆19Aug 6, 2021Updated 4 years ago
- ☆17Jan 21, 2026Updated last month
- Retrieve inner payloads from Donut samples☆120Dec 1, 2025Updated 3 months ago
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124)☆23Oct 30, 2024Updated last year
- ☆27May 6, 2024Updated last year
- CTF and Bug Bounty Hunting WriteUps.☆21Feb 20, 2026Updated last week
- Nimbo-C2 is yet another (simple and lightweight) C2 framework☆440Jan 29, 2026Updated last month
- A collection of my reverse engineering and malware analysis write-ups☆21Dec 11, 2020Updated 5 years ago
- PyKD DLLs for x86 and x64 platforms☆19Sep 13, 2023Updated 2 years ago
- A deobfuscator for multiple python obfuscators☆23Jan 22, 2022Updated 4 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆45May 12, 2021Updated 4 years ago
- A collection of pyjails!☆28Dec 15, 2025Updated 2 months ago
- Explore and filter your GitHub starred repositories☆25Dec 5, 2023Updated 2 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- RegStrike is a .reg payload generator☆58Sep 19, 2023Updated 2 years ago
- Collection of red team techniques.☆67Apr 25, 2025Updated 10 months ago
- Jupyter notebooks for threat hunting☆60Mar 26, 2025Updated 11 months ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆26Jul 14, 2024Updated last year
- Memory Scaner☆65Sep 9, 2022Updated 3 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 10 months ago