Static based decoders for malware samples
☆94Jul 27, 2020Updated 5 years ago
Alternatives and similar repositories for malware_decoders
Users that are interested in malware_decoders are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆23Aug 1, 2020Updated 5 years ago
- Smart overlay for Cobalt Strike PS function☆30Mar 9, 2019Updated 7 years ago
- My collection of unpackers for malware packers/crypters☆28Aug 24, 2017Updated 8 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆446Oct 26, 2022Updated 3 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- Toolset for research malware and Cobalt Strike beacons☆211Mar 11, 2025Updated last year
- ☆45Aug 16, 2018Updated 7 years ago
- Ursnif beacon decryptor☆27Mar 20, 2023Updated 3 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2…☆448Aug 7, 2020Updated 5 years ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage☆364Mar 4, 2026Updated 2 weeks ago
- Various scripts for different malware families☆106Apr 12, 2021Updated 4 years ago
- ☆1,133Dec 19, 2023Updated 2 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- c2 traffic☆194Feb 6, 2023Updated 3 years ago
- For all these times you're asking yourself "what is this panel again?"☆261Jan 29, 2026Updated last month
- Volatility plugin for extracts configuration data of known malware☆495Dec 22, 2023Updated 2 years ago
- Cobalt Strike Aggressor extension for Visual Studio Code☆138Jun 20, 2024Updated last year
- Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code☆184Oct 5, 2020Updated 5 years ago
- ☆13Jul 11, 2017Updated 8 years ago
- Kernel Cache Decryption for iOS☆17Nov 16, 2021Updated 4 years ago
- Random stuff for FlareOn☆14Oct 6, 2018Updated 7 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Python3 Metasploit automation library☆24Dec 8, 2022Updated 3 years ago
- ☆83Jan 31, 2020Updated 6 years ago
- A tool for scanning registery key permissions. Find where non-admins can create symbolic links.☆45Oct 30, 2019Updated 6 years ago
- Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.☆513Aug 6, 2019Updated 6 years ago
- DKMC - Dont kill my cat - Malicious payload evasion tool☆22Sep 7, 2017Updated 8 years ago
- ☆136Jan 24, 2019Updated 7 years ago
- An IDA Plugin that help analyzing module that use COM☆231Oct 10, 2025Updated 5 months ago
- Automated library compilation and PDB annotation with CMake and IDA Pro☆22Sep 20, 2018Updated 7 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆169Jan 5, 2021Updated 5 years ago
- APT34/OILRIG leak☆232Apr 17, 2019Updated 6 years ago
- Bypass cobaltstrike beacon config scan☆84May 24, 2021Updated 4 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- The Multiplatform Linux Sandbox☆16Dec 19, 2023Updated 2 years ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- ☆451Aug 4, 2021Updated 4 years ago