A tool designed to make physical devices detectable by malware and make system look like virtual machine.
☆398Sep 13, 2020Updated 5 years ago
Alternatives and similar repositories for malwarescarecrow
Users that are interested in malwarescarecrow are comparing it to the libraries listed below
Sorting:
- Sentello is python script that simulates the anti-evasion and anti-analysis techniques used by malware.☆75Mar 7, 2021Updated 5 years ago
- Converts C programs that only use syscalls to 64 bit assembly file.☆12Mar 7, 2021Updated 5 years ago
- This repo contain Android malware samples and analysis☆13Apr 3, 2021Updated 4 years ago
- ☆19Mar 31, 2022Updated 3 years ago
- A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis☆13Mar 22, 2022Updated 4 years ago
- Userland API Unhooker Project☆111Jun 14, 2021Updated 4 years ago
- This repository contains indicators of compromise (IOCs) of our various investigations.☆314Nov 4, 2025Updated 4 months ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆756Nov 16, 2021Updated 4 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆516Jul 15, 2022Updated 3 years ago
- Notes for Assembly language☆15Jul 28, 2020Updated 5 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆334Oct 9, 2021Updated 4 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆585May 5, 2024Updated last year
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- Stop Windows Defender using the Win32 API☆192Feb 2, 2022Updated 4 years ago
- A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. T…☆952Aug 11, 2021Updated 4 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Meetuplardan arta kalanlar☆42Aug 18, 2025Updated 7 months ago
- Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.☆285Oct 29, 2024Updated last year
- Hide your payload in DNS☆614May 3, 2023Updated 2 years ago
- A tool to kill antimalware protected processes☆1,506Jun 19, 2021Updated 4 years ago
- BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.☆258Mar 6, 2025Updated last year
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆322Sep 23, 2022Updated 3 years ago
- A list of all the DLLs export in C:\windows\system32\☆221Dec 22, 2021Updated 4 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆723Dec 26, 2022Updated 3 years ago
- qiling framework examples☆16Jan 17, 2022Updated 4 years ago
- Materials for Windows Malware Analysis training (volume 1)☆2,027Jul 1, 2024Updated last year
- A fake AMSI Provider which can be used for persistence.☆156May 16, 2021Updated 4 years ago
- Excel Macro Document Reader/Writer for Red Teamers & Analysts☆524Feb 1, 2022Updated 4 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆581Mar 8, 2024Updated 2 years ago
- ☆44Sep 22, 2022Updated 3 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- High Octane Triage Analysis☆830Updated this week
- Web Based Command Control Framework (C2) #C2 #PostExploitation #CommandControl #RedTeam #C2Framework #PHPC2 #.NETMalware #Malware #PHPMal…☆270Mar 11, 2024Updated 2 years ago
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…☆3,653Mar 11, 2026Updated last week
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆500Jan 25, 2022Updated 4 years ago
- ☆2,173Feb 21, 2023Updated 3 years ago
- A fast library for parsing and importing Windows Event Logs into Elasticsearch.☆86Updated this week
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,880Aug 18, 2023Updated 2 years ago