secana / PeNet-Analyzer
Analyzers for Portable Executable anomalies and other malware behavior.
☆32Updated 10 months ago
Alternatives and similar repositories for PeNet-Analyzer:
Users that are interested in PeNet-Analyzer are comparing it to the libraries listed below
- A .NET binary loader that bypasses AMSI☆45Updated 3 years ago
- a small wiper malware programmed in c#☆53Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Example of C# heap injector for x64 and x86 shellcodes☆14Updated 2 years ago
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆26Updated 3 weeks ago
- This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. P…☆15Updated 3 years ago
- This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offer…☆14Updated 5 months ago
- Dump certificates from PE files in different formats☆38Updated last year
- Collection of various WINAPI tricks / features used or abused by Malware☆13Updated 3 years ago
- The evolution of NxRansomware☆10Updated 5 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆66Updated 2 years ago
- A simple PE loader.☆25Updated 2 years ago
- A string obfuscator for .NET apps, built to evade static string analysis.☆103Updated 2 years ago
- Make an executable run with TrustedInstaller permissions under SYSTEM account.☆38Updated 4 years ago
- 🚧 C# UAC Bypass technique using mock directories 🚧☆28Updated 2 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65Updated last year
- Sources Codes of many MSIL malwares☆23Updated 2 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆62Updated last year
- ☆16Updated 3 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Updated 3 years ago
- 64bit Windows 10 shellcode that adds user BOKU:SP3C1ALM0V3 to the system and the localgroups Administrators & "Remote Desktop Users"☆39Updated 3 years ago
- Small visualizator for PE files☆69Updated last year
- Execute embedded Mimikatz☆13Updated 3 years ago
- Unpacker and Config Extractor for managed Redline Stealer payloads☆41Updated 2 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆15Updated last week
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- JALSI - Just Another Lame Shellcode Injector☆30Updated 3 years ago
- Loading and executing shellcode in C# without PInvoke.☆20Updated 3 years ago
- Get-UnJlaive is tool which is able to reconstruct Jlaive (.NET Antivirus Evasion Tool (Exe2Bat)) to original Assembly and stub Assembly.☆22Updated 2 years ago