sandflysecurity / sandfly-kernel-module-decloakLinks
Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.
☆35Updated 4 months ago
Alternatives and similar repositories for sandfly-kernel-module-decloak
Users that are interested in sandfly-kernel-module-decloak are comparing it to the libraries listed below
Sorting:
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆38Updated last year
- Modular framework for automating triaging, malware analysis, and analyst workflows☆44Updated 9 months ago
- Rebuild of portspoof in GO with additional features.☆28Updated 3 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆128Updated last year
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆54Updated 11 months ago
- Cheat sheet to detect and remove linux kernel rootkit☆78Updated last year
- A tool to remotely detect unusual sessions opened on windows machines using RPC☆118Updated 8 months ago
- Lena's scripts/code/resources for malware analysis☆26Updated last year
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆117Updated last year
- ☆50Updated 11 months ago
- create a "simulated internet" cyber range environment☆19Updated 2 weeks ago
- A simple scanner for identifying vulnerable cups-browsed instances on your network☆66Updated last year
- Linux #rootkit and #malware revealer☆31Updated last year
- IOCs and notes related to malware☆27Updated 7 months ago
- Baseline a Windows System against LOLBAS☆70Updated last week
- Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs…☆60Updated 4 months ago
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them.☆49Updated 2 months ago
- Detonate malware on VMs and get logs & detection status☆76Updated 2 weeks ago
- information about ransomware groups (Ransomware Analysis Notes)☆41Updated 2 years ago
- All kinds of tiny shells☆65Updated 3 years ago
- ☆35Updated 2 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts☆127Updated last month
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- Small scripts to help with Linux forensics and incident response.☆56Updated 4 months ago
- Kooky cURL-powered replacement for reverse shell via /dev/tcp☆77Updated 2 weeks ago
- EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify…☆92Updated last week
- This Python tool enables network node command and exfiltration while applying OPSEC to ensure the process is hidden by transmitting comma…☆35Updated 2 years ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆121Updated last year
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆67Updated 2 years ago
- Analyse MSI files for vulnerabilities☆143Updated last year