Stars
A free but powerful Windows kernel research tool.
⭐️ A curated list of awesome forensic analysis tools and resources
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident resp…
Injects malicious code into Notepad and uses antivirus memory scanning to automatically locate the in-memory signature bytes the AV flags on.
Linux emergency response / information gathering / vulnerability detection tool, supporting 13 categories and 70+ checks: basic configuration, network traffic, scheduled tasks, environment variables, user information, services, bash, malicious files, kernel rootkits, SSH, webshells, cryptomining files, cryptomining processes, supply chain, server risks, and more.
MalwareScan is a lightweight and fast malware scanner written in Python. It supports both Windows and Linux platforms and provides an open-source solution for detecting malicious files quickly and …
7-Zip build and packaging script, with NSIS script decompiling, using MS Visual Studio.
Generates a legitimate-looking call stack together with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass user-land EDR hooks on Windows.
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.
A high-speed forensic processing engine purpose-built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence into a unified timeline with built-in filtering, artifact…
Identifies the bytes that Microsoft Defender flags on.
Python decompiler for modern Python versions.
🦎Triton_RAT is free and easy to use, one of the best remote administration tools written in Python, fully integrated with Telegram🦎
coffeegist / bofhound
Forked from fortalice/bofhound
Generate BloodHound-compatible JSON from logs written by the ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.