timb-machine / linux-malware
Tracking interesting Linux (and UNIX) malware. Send PRs
☆1,113, updated 3 months ago
Related projects:
- Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions. ☆858, updated 4 months ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. ☆1,751, updated 5 months ago
- A DFIR tool written in Python. ☆1,039, updated 3 years ago
- Research code & papers from members of vx-underground. ☆1,113, updated 2 years ago
- ScareCrow - Payload creation framework designed around EDR bypass. ☆2,711, updated last year
- EMBA - The firmware security analyzer. ☆2,594, updated this week
- A post-exploitation framework designed to operate covertly in heavily monitored environments. ☆2,024, updated 2 years ago
- Defences against Cobalt Strike. ☆1,270, updated 2 years ago
- Materials for Windows Malware Analysis training (volume 1). ☆1,913, updated 2 months ago
- Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de… ☆1,765, updated 2 months ago
- Credentials dumper for Linux using eBPF. ☆1,111, updated last week
- Cover your tracks during Linux exploitation by leaving zero traces in system logs and filesystem timestamps. ☆1,344, updated last year
- Malwoverview is a first-response tool used for threat hunting and offers intel information from VirusTotal, Hybrid Analysis, URLHaus, Po… ☆2,920, updated 2 months ago
- A not so awesome list of malware gems for aspiring malware analysts. ☆787, updated last year
- The FLARE team's open-source tool to identify capabilities in executable files. ☆4,094, updated this week
- 🔎 Searches hash APIs to crack your hash quickly 🔎 If the hash is not found, automatically pipes into Hashcat ⚡ ☆1,237, updated last year
- Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,… ☆1,998, updated last week
- Malware samples, analysis exercises and other interesting resources. ☆1,456, updated 8 months ago
- wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne… ☆1,456, updated 3 months ago
- Offensive Software Exploitation Course. ☆2,315, updated last year
- Google and DeepL translated Conti leaks, which were shared by a member of the Conti ransomware group. ☆586, updated 2 years ago
- Connect like there is no firewall. Securely. ☆1,458, updated 2 weeks ago
- Cuckoo 3 is a Python 3 open-source automated malware analysis system. ☆604, updated this week
- Rapidly search and hunt through Windows forensic artefacts. ☆2,715, updated 3 weeks ago
- PoC exploits for software vulnerabilities. ☆676, updated 3 years ago
- Adversary tradecraft detection, protection, and hunting. ☆2,182, updated this week
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi… ☆1,224, updated last year