volexity / donut-decryptorLinks
Retrieve inner payloads from Donut samples
☆108Updated last year
Alternatives and similar repositories for donut-decryptor
Users that are interested in donut-decryptor are comparing it to the libraries listed below
Sorting:
- Windows Persistence IT-Security☆105Updated 6 months ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆124Updated this week
- Local & remote Windows DLL Proxying☆165Updated last year
- Tools for analyzing EDR agents☆264Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆105Updated last year
- ☆121Updated last year
- ☆158Updated 9 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 6 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆88Updated last year
- ☆87Updated 2 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 10 months ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- ☆105Updated last year
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 9 months ago
- .NET tool used to enrich RPC telemetry☆100Updated 3 months ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆238Updated 2 weeks ago
- ☆80Updated last year
- Command and Control (C2) framework☆131Updated 4 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Updated 2 years ago
- Blog/Journal on how to backdoor VSCode extensions☆74Updated 2 months ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆291Updated last month
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆129Updated last year
- ☆137Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆73Updated 6 months ago
- Find DLLs with RWX section☆81Updated 2 years ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆141Updated 2 months ago