This repository contains the analysis reports, technical details, and any tools created to help with malware analysis. Additionally, the repo contains extracted TTPs with code, along with the detection rules.
☆23 · Jun 17, 2025 · Updated 8 months ago
Alternatives and similar repositories for MalwareAnalysisSeries
Users that are interested in MalwareAnalysisSeries are comparing it to the libraries listed below
- ☆27 · May 1, 2023 · Updated 2 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly ☆10 · Jul 1, 2023 · Updated 2 years ago
- Execute embedded Mimikatz ☆13 · Nov 24, 2021 · Updated 4 years ago
- ☆30 · Aug 24, 2025 · Updated 6 months ago
- Direct syscalls Injection to bypass AV/EDR ☆12 · May 18, 2024 · Updated last year
- ☆15 · Feb 9, 2022 · Updated 4 years ago
- A tool to assist DLL hijacking via the Havoc GUI ☆12 · Jan 9, 2024 · Updated 2 years ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET ☆51 · May 5, 2025 · Updated 9 months ago
- ☆20 · May 1, 2023 · Updated 2 years ago
- CVE-2020-14882 Weblogic-Exp ☆17 · Oct 29, 2020 · Updated 5 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆28 · Sep 18, 2024 · Updated last year
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 · Mar 26, 2023 · Updated 2 years ago
- Detect userland hooks placed by AV/EDR ☆28 · Sep 4, 2023 · Updated 2 years ago
- The Web UI for Antnium ☆27 · Jun 14, 2022 · Updated 3 years ago
- .NET assembly loader with patching AMSI and ETW bypass ☆31 · Apr 16, 2025 · Updated 10 months ago
- ☆36 · May 27, 2024 · Updated last year
- An improvement and a different approach to Mockingjay Self-Injection. ☆35 · May 21, 2024 · Updated last year
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading. ☆30 · Jan 21, 2024 · Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 · Oct 31, 2023 · Updated 2 years ago
- A program for obfuscating C strings ☆36 · Feb 26, 2023 · Updated 3 years ago
- A repository for a Deep Q-Learning approach to intrusion detection for networks cyber-attacks. ☆10 · Sep 3, 2021 · Updated 4 years ago
- SPPNet: An Approach For Real-Time Encrypted Traffic Classification Using Deep Learning ☆10 · Aug 6, 2024 · Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆38 · Dec 7, 2025 · Updated 2 months ago
- 🚧 C# UAC Bypass technique using mock directories 🚧 ☆28 · Jul 27, 2022 · Updated 3 years ago
- Execute shellcode via ASPNET compiler ☆62 · Oct 2, 2025 · Updated 5 months ago
- Android remote control, 天线 (Tianxian) 6.0, unlimited-use edition ☆11 · Sep 9, 2023 · Updated 2 years ago
- Discord C2 Profile for Mythic ☆33 · Feb 18, 2025 · Updated last year
- Static binary analysis with Detect It Easy — 100% in your browser, no uploads. ☆53 · Feb 10, 2026 · Updated 3 weeks ago
- A basic example of the API-Hashing method used by Red Teamers but also by malware developers in C++ ☆37 · Jan 10, 2024 · Updated 2 years ago
- Reverse Engineering and Debugging Malware ☆32 · Feb 27, 2023 · Updated 3 years ago
- Set the process mitigation policy for loading only Microsoft modules, and block any userland 3rd party modules ☆43 · May 6, 2023 · Updated 2 years ago
- ☆33 · Jan 3, 2023 · Updated 3 years ago
- IDA Python scripts ☆42 · Apr 11, 2025 · Updated 10 months ago
- A MQTT Client for ComputerCraft ☆10 · Jan 27, 2024 · Updated 2 years ago
- shared samples from #dailyphish and/or #apt tweets ☆41 · Sep 3, 2025 · Updated 6 months ago
- Documentation, U-Boot and OpenWRT ports for a low-cost MT02 repeater. ☆14 · Oct 27, 2025 · Updated 4 months ago
- A framework for backdooring Microsoft Nuget packages. ☆10 · Jan 9, 2024 · Updated 2 years ago
- Windows Persistence Toolkit in C# ☆36 · Sep 23, 2022 · Updated 3 years ago
- KitsuneC2 is a cross-platform adversary emulation tool written in Go. ☆12 · Oct 25, 2024 · Updated last year