serializingme / emofishesLinks
Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).
☆15Updated 2 years ago
Alternatives and similar repositories for emofishes
Users that are interested in emofishes are comparing it to the libraries listed below
Sorting:
- A simple reflective dll example☆19Updated 8 years ago
- Python based module to find common vulnerabilities which lead to Windows privilege escalation☆31Updated 9 years ago
- Environmental (and http) keying for scripting languages☆39Updated 7 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 7 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- POC for IAT Parsing Payloads☆48Updated 8 years ago
- Making shellcode UD - https://osandamalith.com☆24Updated 9 years ago
- A framework for creating modular bots/backdoors☆21Updated 10 years ago
- ☆10Updated 7 years ago
- Nano meterpreter shell based on TinyMet☆28Updated 9 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆36Updated 8 years ago
- Various snippets created during malware analysis☆22Updated 7 years ago
- Mimikatz HashClash☆12Updated 10 years ago
- ☆53Updated 10 years ago
- ☆18Updated 7 years ago
- List of scripts used for malware analysis☆15Updated 10 years ago
- Resolves DLL API entrypoints for a process w/ remote query capabilities.☆56Updated 8 years ago
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago
- "Polymorphic" shellcode generator (x86)☆23Updated 10 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆87Updated 8 years ago
- Microsoft Windows HTA (HTML Application) - Remote Code Execution☆30Updated 10 years ago
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆131Updated 11 years ago
- Post Exploitation Linux Toolkit☆33Updated 8 years ago
- Example ASM code following SLAE course and exam assignments.☆36Updated 8 years ago
- This module is used to exploit startup script execution through Windows Group Policy settings when configured to run off of a remote SMB …☆22Updated 5 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆41Updated 6 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Updated 8 years ago
- My metasploit modules☆24Updated 9 years ago
- SilkETW & SilkService☆40Updated 6 years ago
- Powershell Persistence Locator☆66Updated 9 years ago