malienist / vovk
Vovk is a framework of tools that includes a WinDbg extension that generates in-depth YARA rules for malware.
☆21 · Updated 3 weeks ago
Related projects:
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes… ☆47 · Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin… ☆42 · Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆80 · Updated last year
- 🚧 Currently transferring TLP:CLEAR rules from TLP:AMBER repository... ☆22 · Updated 5 months ago
- Symantec EDR Internals ☆25 · Updated 2 years ago
- Winbindex bot to pull in binaries for specific releases ☆44 · Updated last year
- Small visualizer for PE files ☆66 · Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy ☆40 · Updated 3 weeks ago
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences" ☆16 · Updated 2 years ago
- Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations ☆12 · Updated last year
- rpv-web is a browser-based frontend for the rpv library ☆23 · Updated last month
- SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool ☆49 · Updated 11 months ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results. ☆31 · Updated last year
- Here are some of my malware reversing papers that I will be publishing ☆30 · Updated 2 years ago
- Collection of my own detection rules ☆13 · Updated 7 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆105 · Updated 2 months ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue ☆92 · Updated 5 months ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆24 · Updated last year
- A collection of my yara rules ☆33 · Updated last year
- Modular malware analysis artifact collection and correlation framework ☆49 · Updated 4 months ago
- Small tool to play with IOCs caused by Imageload events ☆37 · Updated last year
- Identifies metadata of .NET binary files. ☆21 · Updated 5 months ago
- IDA Pro plugin to aid with the analysis of native IIS modules ☆13 · Updated last month
- General malware analysis stuff ☆35 · Updated 3 weeks ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆61 · Updated 5 months ago
- A feed of malware samples curated from threat intelligence sources. ☆25 · Updated 11 months ago