volexity / donut-decryptorLinks
Retrieve inner payloads from Donut samples
☆105Updated last year
Alternatives and similar repositories for donut-decryptor
Users that are interested in donut-decryptor are comparing it to the libraries listed below
Sorting:
- Windows Persistence IT-Security☆103Updated 5 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 5 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- .NET tool used to enrich RPC telemetry☆96Updated 2 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆207Updated 8 months ago
- Local & remote Windows DLL Proxying☆165Updated last year
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- ☆87Updated 2 years ago
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆127Updated last year
- ☆120Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- ☆79Updated last year
- ☆157Updated 8 months ago
- Finding secrets in kernel and user memory☆116Updated last year
- Command and Control (C2) framework☆130Updated 3 months ago
- Early Bird APC Injection in Rust☆58Updated 10 months ago
- A collection of tools and detections for the Sliver C2 Frameworj☆128Updated 2 years ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- Tools for analyzing EDR agents☆241Updated last year
- Find DLLs with RWX section☆81Updated 2 years ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆205Updated 3 weeks ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆119Updated this week
- ☆108Updated 9 months ago
- Payload encoding utility to effectively lower payload entropy.☆119Updated 4 months ago
- POC of GITHUB simple C2 in rust☆52Updated last month
- A BOF to enumerate system process, their protection levels, and more.☆119Updated 9 months ago
- Create Anti-Copy DRM Malware☆63Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 9 months ago
- I have documented all of the AMSI patches that I learned till now☆73Updated 5 months ago