mandiant / remote_lookup
Resolves DLL API entrypoints for a process w/ remote query capabilities.
☆55Updated 7 years ago
Alternatives and similar repositories for remote_lookup:
Users that are interested in remote_lookup are comparing it to the libraries listed below
- POC for IAT Parsing Payloads☆47Updated 8 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- API functions for Malware Research☆35Updated 5 years ago
- Analysis PE file or Shellcode☆49Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 8 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Updated 8 years ago
- Collection of my Python Scripts☆41Updated 4 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Updated 6 years ago
- Simple DDE object detector☆56Updated 7 years ago
- Some sample code from my Zero Nights 2017 presentation.☆62Updated 7 years ago
- Various snippets created during malware analysis☆22Updated 6 years ago
- QEMU with rVMI extensions☆25Updated 7 years ago
- ☆22Updated 7 years ago
- Python based module to find common vulnerabilities which lead to Windows privilege escalation☆32Updated 8 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Tool for dropping malware from EK☆40Updated 7 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆41Updated 8 years ago
- Script to extract malicious payload and decoy document from CVE-2015-1641 exploit documents☆23Updated 8 years ago
- ☆34Updated 7 years ago
- PyCommand Scripts for Immunity Debugger☆36Updated 10 years ago
- Malware.lu configuration extractor☆24Updated 10 years ago
- ☆15Updated 4 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆50Updated 6 years ago
- HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit☆25Updated 8 years ago
- ☆51Updated 8 years ago
- a collection of yara rules for binary analysis☆24Updated 7 years ago
- An offensive Powershell console☆30Updated 9 years ago
- ☆68Updated 7 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Updated 8 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago