sominsong / NIMOS
Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
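The repository description above names only the goal: mining syscall-sequence patterns so that a container's syscalls can be filtered more precisely than a flat per-syscall allowlist (the seccomp model) allows. As an added example, not NIMOS's code and not a description of its actual method, the Python below learns an n-gram allowlist from constructed strace-style traces and contrasts it with a flat allowlist learned from the same traces. The traces, the function names and the choice of bigrams are all my own assumptions for illustration.

```python
import re

# Constructed, strace-style traces (not real captures, not NIMOS data). Only the
# syscall name at the start of each line matters to the profiler; arguments and
# return values are kept to look like real strace output, including one
# non-syscall status line that the parser must skip.
BENIGN_TRACES = [
    r"""openat(AT_FDCWD, "/etc/hosts", O_RDONLY) = 3
read(3, "127.0.0.1 localhost\n", 4096) = 20
close(3) = 0
write(1, "ok\n", 3) = 3
exit_group(0) = ?
+++ exited with 0 +++""",
    r"""socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
connect(3, {sa_family=AF_INET, ...}, 16) = 0
write(3, "GET / HTTP/1.0\r\n\r\n", 18) = 18
read(3, "HTTP/1.0 200 OK\r\n", 4096) = 17
close(3) = 0
exit_group(0) = ?""",
    # A launcher that redirects a child's stdout/stderr to a file, so dup2 and
    # execve are legitimately part of the benign profile.
    r"""openat(AT_FDCWD, "/tmp/out.log", O_WRONLY|O_CREAT, 0644) = 3
dup2(3, 1) = 1
dup2(3, 2) = 2
close(3) = 0
execve("/usr/bin/ls", ["ls"], 0x7ffd... /* 12 vars */) = 0""",
]

# Constructed trace with the shape of a reverse shell: the socket is dup2'd over
# stdio and a shell is exec'd. Every syscall here is individually present in the
# benign traces, so only the ordering distinguishes it.
SUSPECT_TRACE = r"""socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
connect(3, {sa_family=AF_INET, ...}, 16) = 0
dup2(3, 0) = 0
dup2(3, 1) = 1
dup2(3, 2) = 2
execve("/bin/sh", ["/bin/sh"], 0x7ffd... /* 12 vars */) = 0"""

# Matches the syscall name at the start of an strace line, with or without the
# "[pid N]" prefix that strace -f adds.
SYSCALL_RE = re.compile(r"^\s*(?:\[pid\s+\d+\]\s*)?([a-z_][a-z0-9_]*)\(")


def parse_syscalls(trace):
    """Return the syscall names of a trace in order, skipping non-syscall lines."""
    names = []
    for line in trace.splitlines():
        m = SYSCALL_RE.match(line)
        if m:
            names.append(m.group(1))
    return names


def ngrams(calls, n):
    """Sliding window of n consecutive syscall names."""
    return [tuple(calls[i:i + n]) for i in range(len(calls) - n + 1)]


def build_profile(traces, n=2):
    """Learn two allowlists from known-good traces: the flat set of syscalls
    (what a seccomp profile expresses) and the set of n-grams (sequence model)."""
    allowed_syscalls, allowed_ngrams = set(), set()
    for trace in traces:
        calls = parse_syscalls(trace)
        allowed_syscalls.update(calls)
        allowed_ngrams.update(ngrams(calls, n))
    return allowed_syscalls, allowed_ngrams


def flat_violations(trace, allowed_syscalls):
    """Syscalls a flat allowlist would block: those never seen in training."""
    return sorted(set(parse_syscalls(trace)) - allowed_syscalls)


def sequence_violations(trace, allowed_ngrams, n=2):
    """n-grams in the trace that never occurred in training, in trace order."""
    return [g for g in ngrams(parse_syscalls(trace), n) if g not in allowed_ngrams]


if __name__ == "__main__":
    syscalls, bigrams = build_profile(BENIGN_TRACES)
    print("flat allowlist flags:", flat_violations(SUSPECT_TRACE, syscalls))
    print("sequence model flags:", sequence_violations(SUSPECT_TRACE, bigrams))
```

Against these traces the flat allowlist flags nothing, while the bigram model flags the `connect -> dup2` and `dup2 -> execve` transitions. In practice the profile is learned from traces of the workload's normal behaviour, and the choice of n and the coverage of the training traces decide the false-positive rate: an n-gram never exercised during training will be flagged even when benign, so sequence models are usually deployed as alerts or as a second layer on top of a seccomp allowlist rather than as a hard block on their own.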
Related projects:
- Code for the paper "EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis"
- Finds imports that could be exploited; still requires manual analysis.
- An injector that uses the PT_LOAD technique
- This project fully automates the process of analyzing and exploiting IoT malware to find live CnC servers.
- Elasticsearch Stack Overflow Vulnerability
- Proof-of-Concept to evade auditd by tampering via ptrace
- Tricard - Malware Sandbox Fingerprinting
- Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE
- A collection of projects demonstrating various command-line cloaking techniques on Linux
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
- Dump LSASS memory using a reflective DLL
- Dynamic-static binary instrumentation framework on top of GDB
- Slides of my conference presentations
- Writeups, PoCs of the bugs I found while preparing for the Pwn2Own Miami 2023 contest targeting UaGateway from the OPC UA Server category…
- MUSHIKAGO-femto is an automated penetration testing and first aid tool
- IoT Malware Similarity Analysis Platform
- A Semantics-Enhanced Learnable Vulnerability Detector
- PoC code and tools for Black Hat USA 2024
- Ansible build for AFL++ FRIDA mode
- A tool to reverse engineer and inspect the RPM and APT databases, listing all packages along with their executables, services and versions.
- Extract data from a TTD trace file to a minidump
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
- An Adaptive Misuse Detection System