proferosec / HelloKittyUnpacker
A tool to assist in analysis of packed HelloKitty ransomware binaries
☆11Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for HelloKittyUnpacker
- ☆18Updated 4 years ago
- ☆26Updated 2 weeks ago
- ☆31Updated 2 years ago
- Small visualizator for PE files☆67Updated last year
- Symantec EDR Internals☆25Updated 3 years ago
- Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.☆23Updated 2 years ago
- A powershell parser for https://github.com/ufrisk/MemProcFS☆43Updated 3 years ago
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆59Updated 2 years ago
- Here are some of my malware reversing papers that I will be publishing☆31Updated 2 years ago
- Specialized tool to dump Position Independent Code.☆21Updated 4 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆27Updated 2 years ago
- ☆27Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago
- The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …☆36Updated 2 years ago
- Rekall Memory Forensic Framework☆29Updated 5 years ago
- A small tool to unmap PE memory dumps.☆11Updated last year
- Help deobfuscate VBScript☆15Updated 2 years ago
- General malware analysis stuff☆35Updated 2 months ago
- A collection of shellcode hashes☆17Updated 6 years ago
- aggregated repo for all conferences and talks I am giving☆17Updated 3 years ago
- Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff☆53Updated 5 months ago
- Scripts, Yara rules and other files developed during malware investigations☆24Updated 2 years ago
- Extract data of TTD trace file to a minidump☆28Updated last year
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆51Updated 2 years ago
- Unpacking and decryption tools for the Emotet malware☆46Updated 2 years ago
- Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations☆12Updated last year
- Winbindex bot to pull in binaries for specific releases☆46Updated last year