serializingme / emofishes
Emofishes is a collection of proof-of-concepts that help improve, bypass or detect virtualized execution environments (focusing on the ones setup for malware analysis).
☆15Updated last year
Related projects ⓘ
Alternatives and complementary repositories for emofishes
- A simple reflective dll example☆18Updated 7 years ago
- Various snippets created during malware analysis☆22Updated 6 years ago
- Tools to enumerate Windows Firewall Hook Drivers on Windows 2000, XP and 2003☆20Updated 9 years ago
- Environmental (and http) keying for scripting languages☆39Updated 6 years ago
- This script is used for extracting DDE in docx and xlsx☆12Updated 6 years ago
- Mimikatz HashClash☆12Updated 9 years ago
- ☆10Updated 7 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Updated 7 years ago
- Scripts targeting specific families☆13Updated 7 years ago
- Carve Windows Prefetch files from arbitrary binary data☆14Updated 7 years ago
- ☆17Updated 6 years ago
- Network detector for Winnti malware☆20Updated 6 years ago
- Parses Java Cache IDX files☆39Updated 6 years ago
- Making shellcode UD - https://osandamalith.com☆24Updated 8 years ago
- Talk given at DerbyCon and RuxCon 2016☆22Updated 8 years ago
- ☆19Updated 7 years ago
- PowerShell Module Bindings for Capstone/Keystone☆24Updated 8 years ago
- POC for IAT Parsing Payloads☆47Updated 7 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆35Updated 8 years ago
- Python based module to find common vulnerabilities which lead to Windows privilege escalation☆32Updated 8 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆52Updated 7 months ago
- ☆16Updated 9 years ago
- Mainframe bruter and screen automation utility.☆19Updated 3 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.☆42Updated 7 years ago