marcusbotacin / Malware.Variants
Additional material for the malware variants identification paper
☆9Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for Malware.Variants
- SDBbot Unpacker Python 2.7☆9Updated 4 years ago
- My conference presentations and publications☆26Updated 2 years ago
- Rekall Memory Forensic Framework☆29Updated 5 years ago
- ☆13Updated 7 years ago
- findLoop - find possible encryption/decryption or compression/decompression code☆26Updated 5 years ago
- ☆20Updated 4 years ago
- Kernel-mode file scanner☆17Updated 6 years ago
- winAFL patch to enable network-based apps fuzzing☆37Updated 6 years ago
- Static analysis tools for x86 assembly☆13Updated 7 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆44Updated 7 years ago
- Static and Dynamic Analysis Added☆9Updated 7 years ago
- ssdeep cluster analysis for malware files☆29Updated 4 years ago
- A collection of anti disassembly techniques☆18Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- Flare-On solutions☆36Updated 5 years ago
- An IDA Pro script for creating a clearer idb for nymaim malware☆10Updated 6 years ago
- A new binary injection technique, can easily go through any #CIG protected process and slip through all possible defenses without any inj…☆18Updated 6 years ago
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- Implementation trade-offs in using Intel Pin for instruction tracing of complex programs☆15Updated 5 years ago
- A introductory workshop to getting started with fuzzing using american fuzzy lop (AFL)☆22Updated 5 years ago
- PoC code for CVE-2018-15499 (exploit race condition for BSoD)☆11Updated 6 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆26Updated 7 years ago
- x86 bootloader emulation with Miasm (case of NotPetya)☆40Updated 5 years ago
- ☆12Updated 4 years ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Updated 5 years ago