malware-kitten / shellcode_hashes

Related projects ⓘ

Alternatives and complementary repositories for shellcode_hashes

• alexander-hanel / gopep
  Go Lang Portable Executable Parser
  ☆37Updated 3 years ago
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• ulexec / EmotetCFU
  WIP Emotet Control Flow Unflattening using miasm and radare2
  ☆23Updated last year
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• DanusMinimus / Injections
  A repository where I share my injection implemintations
  ☆29Updated 4 years ago
• Dump-GUY / ghidra_scripts
  ☆66Updated last year
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆67Updated last year
• aaaddress1 / dnLauncher
  ☆36Updated 2 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆33Updated 4 years ago
• ihack4falafel / ROR13HashGenerator
  C# implementation to produce ROR-13 numeric hash for given function API name
  ☆31Updated 5 years ago
• n1ght-w0lf / pe-unmapper
  A small tool to unmap PE memory dumps.
  ☆11Updated last year
• SpecterOps / ipc-research
  Inter-Process Communication Mechanisms
  ☆24Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆24Updated 11 months ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆40Updated last year
• Dump-GUY / Get-PDInvokeImports
  Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…
  ☆51Updated 2 years ago
• DimopoulosElias / Primitives
  ☆31Updated 4 years ago
• fashionproof / RunHijackHunter
  ☆15Updated 3 years ago
• snemes / malware-analysis
  ☆23Updated 4 years ago
• ionescu007 / hazmat5
  Local OXID Resolver (LCLOR) : Research and Tooling
  ☆33Updated 3 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆50Updated 2 years ago
• mobdk / CloneProcess
  Clone running process with ZwCreateProcess
  ☆58Updated 4 years ago
• n1ght-w0lf / Uchihash
  A small utility to deal with malware embedded hashes.
  ☆48Updated last year
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆46Updated last year
• ethereal-vx / Persistence
  Recreating and reviewing the Windows persistence methods
  ☆39Updated 3 years ago
• NexusFuzzy / NanoDump
  Tool to decrypt the configuration of NanoCore and dump all used plugins
  ☆11Updated 3 years ago
• NtRaiseHardError / Sysmon
  Sysmon shenanigans
  ☆65Updated 4 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆37Updated last year