whichbuffer / AntidebugLinks
Defeating Anti-Debugging Techniques for Malware Analysis
☆13Updated 2 years ago
Alternatives and similar repositories for Antidebug
Users that are interested in Antidebug are comparing it to the libraries listed below
Sorting:
- ☆12Updated 2 years ago
- Collection of generic YARA rules☆16Updated 11 months ago
- ☆24Updated 2 years ago
- ☆27Updated 6 months ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- ☆22Updated last year
- Scripts, Yara rules and other files developed during malware investigations☆25Updated 2 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Golang Shlyuz Implant Implementation☆13Updated last week
- Repository for LNK stuff☆30Updated 2 years ago
- A Multi-Threaded PE Export Collection Utility☆14Updated 2 years ago
- Just another useless C2 occupying space in some HDD somewhere.☆20Updated last year
- Specialized tool to dump Position Independent Code.☆22Updated 4 years ago
- ☆18Updated last year
- NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls☆11Updated 2 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆50Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆21Updated last year
- Tools helpful for malware analysis☆23Updated 9 months ago
- Identifies metadata of .NET binary files.☆21Updated last year
- ☆12Updated 3 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- ☆12Updated 4 years ago