timb-machine / linux-malware

Related projects: ⓘ

• nccgroup / exploit_mitigations
  Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
  ☆858Updated 4 months ago
• h3xduck / TripleCross
  A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
  ☆1,751Updated 5 months ago
• cisagov / CHIRP
  A DFIR tool written in Python.
  ☆1,039Updated 3 years ago
• vxunderground / VXUG-Papers
  Research code & papers from members of vx-underground.
  ☆1,113Updated 2 years ago
• optiv / ScareCrow
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,711Updated last year
• e-m-b-a / emba
  EMBA - The firmware security analyzer
  ☆2,594Updated this week
• bats3c / shad0w
  A post exploitation framework designed to operate covertly on heavily monitored environments
  ☆2,024Updated 2 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence
  Defences against Cobalt Strike
  ☆1,270Updated 2 years ago
• hasherezade / malware_training_vol1
  Materials for Windows Malware Analysis training (volume 1)
  ☆1,913Updated 2 months ago
• roadwy / RIP
  ☆1,466Updated 7 months ago
• a13xp0p0v / linux-kernel-defence-map
  Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…
  ☆1,765Updated 2 months ago
• citronneur / pamspy
  Credentials Dumper for Linux using eBPF
  ☆1,111Updated last week
• mufeedvh / moonwalk
  Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
  ☆1,344Updated last year
• alexandreborges / malwoverview
  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…
  ☆2,920Updated 2 months ago
• 0x4143 / malware-gems
  A not so awesome list of malware gems for aspiring malware analysts
  ☆787Updated last year
• mandiant / capa
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆4,094Updated this week
• HashPals / Search-That-Hash
  🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
  ☆1,237Updated last year
• hasherezade / hollows_hunter
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆1,998Updated last week
• jstrosch / malware-samples
  Malware samples, analysis exercises and other interesting resources.
  ☆1,456Updated 8 months ago
• evilbuffer / malware-and-exploitdev-resources
  ☆498Updated 2 years ago
• 0vercl0k / wtf
  wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kerne…
  ☆1,456Updated 3 months ago
• ashemery / exploitation-course
  Offensive Software Exploitation Course
  ☆2,315Updated last year
• TheParmak / conti-leaks-englished
  Google and deepl translated conti leaks, which is shared by a member of the conti ransomware group.
  ☆586Updated 2 years ago
• hackerschoice / gsocket
  Connect like there is no firewall. Securely.
  ☆1,458Updated 2 weeks ago
• cert-ee / cuckoo3
  Cuckoo 3 is a Python 3 open source automated malware analysis system.
  ☆604Updated this week
• WithSecureLabs / chainsaw
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆2,715Updated 3 weeks ago
• lockedbyte / CVE-Exploits
  PoC exploits for software vulnerabilities
  ☆676Updated 3 years ago
• rabbitstack / fibratus
  Adversary tradecraft detection, protection, and hunting
  ☆2,182Updated this week
• mandiant / ThreatPursuit-VM
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,224Updated last year