nybble04 / Shady-Hook
Proof of Concept - Hooking API calls of a Ransomware
☆28, updated 3 years ago
Related projects:
- PoC designed to evade userland-hooking anti-virus. ☆85, updated 5 years ago
- Parsers for custom malware formats ("Funky malware formats") ☆92, updated 2 years ago
- A ready-made template for a project based on libpeconv. ☆40, updated last year
- Windows Drivers ☆95, updated 5 years ago
- Gozi ISFB is a well-known, widely distributed banking trojan that has been in the threat landscape for several years. ☆63, updated 6 years ago
- Bare template for a Kernel Mode Driver ☆50, updated 4 years ago
- Local OXID Resolver (LCLOR): Research and Tooling ☆31, updated 3 years ago
- Write-ups for FireEye's FLARE-On challenges ☆25, updated 5 years ago
- Enumerate Windows Defender threat families and dump their names by category ☆87, updated 5 years ago
- PoC for detecting and dumping process hollowing code injection ☆50, updated 5 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51, updated 3 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess ☆84, updated 8 years ago
- A simple API monitor for Windbg ☆62, updated 7 years ago
- Parser for a custom executable format from Hidden Bee malware (first stage) ☆39, updated last week
- Process Hollowing for 32 bit and 64 bit ☆78, updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE) ☆54, updated 5 years ago
- Protects deletion of files with a specified extension using a kernel-mode driver. ☆73, updated 6 years ago
- Simple 32/64-bit PEs loader. ☆135, updated 5 years ago
- Shellcode emulator written with Unicorn Framework With Process Dump Emulation Environment ☆117, updated 4 years ago
- Sysmon shenanigans ☆65, updated 3 years ago
- A program to detect reflective DLL injection on a live machine ☆72, updated 8 years ago
- Go Lang Portable Executable Parser ☆37, updated 3 years ago
- Rekall Memory Forensic Framework ☆29, updated 5 years ago
- Fileless persistence, attacks and anti-forensic capabilities. ☆84, updated 5 years ago
- My collection of unpackers for malware packers/crypters ☆28, updated 7 years ago
- Miscellaneous Code and Docs ☆76, updated 9 months ago
- Set of anti-analysis techniques found in malware ☆124, updated last year