Alternatives and similar repositories for bpfdoor-scanner

Users that are interested in bpfdoor-scanner are comparing it to the libraries listed below

• ChoiSG / kr-redteam-playbook
  오펜시브 시큐리티 TTP, 정보, 그리고 대응 방안을 분석하고 공유하는 프로젝트입니다. 정보보안 업계 종사자들과 학생들에게 도움이 되었으면 좋겠습니다.
  ☆61Updated 2 months ago
• ssp4rk / threatintel
  ☆11Updated 4 years ago
• volexity / hwp-extract
  A library and cli tool to extract HWP files.
  ☆22Updated 4 months ago
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆36Updated last year
• pmelson / pyhexdmp
  ☆27Updated 3 years ago
• digitalisx / Security
  Digitalis's Security Lab
  ☆10Updated 3 years ago
• MikeHorn-git / WAFS
  Hardened your Windows OS against forensics analysis
  ☆21Updated 6 months ago
• nao-sec / rr_decoder
  Royal Road RTF Weaponizer object decoder
  ☆24Updated 8 months ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆24Updated 7 months ago
• analyzeDFIR / analyzePF
  Tool for analysis of Windows Prefetch files
  ☆26Updated 6 years ago
• tophat-cloud / cumulus
  Cumulus is web application weakness monitoring, works with just 3 code lines
  ☆40Updated 2 years ago
• DFC-2021-DogeCoin / WriteUp
  KIISC Digital Forensics Challenge 2021 - DogeCoin's WriteUp
  ☆18Updated 2 years ago
• gwillgues / BPFDoor
  BPFDoor Source Code. Originally found from Chinese Threat Actor Red Menshen
  ☆240Updated 3 years ago
• errbody / DPRK-Research
  ☆36Updated 3 months ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆25Updated 10 months ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• sandflysecurity / sandfly-file-decloak
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
  ☆25Updated 2 years ago
• embee-research / Icedid-file-decryptor
  Static Decryptor for IcedID Malware
  ☆18Updated 2 years ago
• mandiant / pulsesecure_exploitation_countermeasures
  ☆23Updated 2 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• dfirlabs / ntfs-specimens
  NTFS file system specimens
  ☆13Updated last year
• cpuu / lmc
  Script for automating Linux memory capture and analysis
  ☆13Updated 5 years ago
• f0wl / blackCatConf
  Configuration Extractor for BlackCat Ransomware
  ☆30Updated 3 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• signalblur / impelf
  "ImpELF: A Python-based ELF hashing utility that generates unique fingerprints for ELF binaries using their imported functions and librar…
  ☆15Updated last year
• tasox / Epimitheus
  Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.
  ☆19Updated 3 years ago
• gmatuz / npm-initial-access
  Easy to extend initial access scenario to help with EDR testing on Linux and Mac
  ☆23Updated 3 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated 2 years ago
• jymcheong / OpenEDR
  Renamed to Free EDR to avoid confusion with Comodo's project
  ☆26Updated 2 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆77Updated last year