shaddy43 / MalwareAnalysisSeries
This repository contains analysis reports, technical details and tools created to help with malware analysis. Additionally, the repo contains extracted TTPs with code, along with the corresponding detection rules.
☆23 · Updated 7 months ago
Alternatives and similar repositories for MalwareAnalysisSeries
Users that are interested in MalwareAnalysisSeries are comparing it to the libraries listed below
- ☆108 · Updated last year
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆39 · Updated 11 months ago
- Охотник (Hunter) is a simple Adversary Simulation tool developed to achieve stealth through API unhooking, direct and indirect syscalls…☆91 · Updated 9 months ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆124 · Updated last month
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆131 · Updated 9 months ago
- .NET tool used to enrich RPC telemetry☆101 · Updated 2 weeks ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆183 · Updated last month
- A simple command-line application to automatically decrypt strings from Obfuscator-protected binaries☆47 · Updated last year
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…☆156 · Updated 2 months ago
- POC of a simple GitHub-based C2 in Rust☆52 · Updated 6 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆142 · Updated last week
- Compile shellcode into an exe file from Windows or Linux.☆72 · Updated 8 months ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆111 · Updated last year
- ☆39 · Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51 · Updated last year
- ☆120 · Updated 2 years ago
- This is a simple example of DLL hijacking enabling proxy execution.☆70 · Updated 2 years ago
- ☆80 · Updated last year
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service☆77 · Updated 2 years ago
- A repository holding Proof of Concepts for executing the calculator application via different file formats☆42 · Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆89 · Updated 2 months ago
- A Windows Named Pipe Multi-tool / Proxy☆287 · Updated 2 months ago
- Comprehensive Windows Syscall Extraction & Analysis Framework☆161 · Updated 5 months ago
- Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)☆69 · Updated 8 months ago
- Bypasses AMSI protection through a remote memory patching and parsing technique.☆54 · Updated 8 months ago
- ☆60 · Updated 9 months ago
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.☆51 · Updated 3 months ago
- My projects to understand malware development and detection. Use responsibly. I'm not responsible if you cause unauthorised damage to any…☆111 · Updated 7 months ago
- AV/EDR process termination by exploiting a vulnerable driver (BYOVD)☆208 · Updated 3 weeks ago
- ☆115 · Updated last week