ring0x0 / honeydrops
An automated collection and analysis of malware from my honeypots.
☆25Updated 7 years ago
Alternatives and similar repositories for honeydrops:
Users that are interested in honeydrops are comparing it to the libraries listed below
- Material from our CANAPE workshop☆32Updated 6 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆41Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 8 years ago
- Extract GUIDs from .NET assemblies☆21Updated 8 years ago
- Test suite for bypassing Malware sandboxes.☆39Updated 10 years ago
- An offensive Powershell console☆30Updated 9 years ago
- Volatility Plugins☆21Updated 9 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- Recurse through a registry, identifying values with large data -- a registry malware hunter☆44Updated 8 years ago
- ☆19Updated 6 years ago
- Mixing up CVE and MS like a pro☆24Updated 7 years ago
- Identify botnet panels with Ensembled Decision Trees☆18Updated 8 years ago
- A Rekall interactive document for a Memory Analysis workshop/course.☆43Updated 8 years ago
- A ready to deploy docker container for a fresh sandbox for on-the-fly malware analysis☆43Updated 7 years ago
- Automated memory forensics analysis☆33Updated 5 years ago
- ☆51Updated 6 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- POC for IAT Parsing Payloads☆47Updated 8 years ago
- Simple DDE object detector☆56Updated 7 years ago
- Frontend for Codex Gigas☆21Updated 8 years ago
- Various snippets created during malware analysis☆22Updated 6 years ago
- Network detector for Winnti malware☆20Updated 7 years ago
- ☆16Updated 10 years ago
- ☆68Updated 7 years ago
- Some sample code from my Zero Nights 2017 presentation.☆62Updated 7 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Membrane: A Posteriori Detection of Malicious Code Loading by Memory Paging Analysis☆42Updated 8 years ago
- ☆50Updated 8 years ago
- simple plugin to detect shellcode on Bro IDS with Unicorn☆33Updated 8 years ago