robindimyan / apthowtoLinks
Liberating dem proprietary APT implants
☆20Updated 5 years ago
Alternatives and similar repositories for apthowto
Users that are interested in apthowto are comparing it to the libraries listed below
Sorting:
- ☆23Updated 4 years ago
- ☆11Updated 5 years ago
- Malware vulnerability research. Coming soon..☆12Updated 5 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Walking the PEB in VBA☆23Updated 5 years ago
- SilkETW & SilkService☆40Updated 5 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.☆64Updated 5 years ago
- Various snippets created during malware analysis☆22Updated 7 years ago
- Metamorphic Code Generator & Loader☆15Updated 4 years ago
- Steezy - Ghetto Yara Generation☆15Updated 2 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆31Updated 4 years ago
- ☆22Updated 4 years ago
- ☆25Updated 6 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- TA505 unpacker Python 2.7☆47Updated 5 years ago
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆18Updated 3 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Updated 6 years ago
- Radare2 Metadata Extraction to Elasticsearch☆23Updated last year
- Tool for finding KPOT XOR key using known-plaintext attack.☆13Updated 5 years ago
- a modified version base on Tracecorn☆20Updated 5 years ago
- Shim database persistence (Fin7 TTP)☆37Updated 5 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.☆12Updated 6 years ago
- Exfiltration based on custom X509 certificates☆26Updated last year
- Simple shellcode injector.☆14Updated 6 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Updated 6 years ago