Stars
A cross-platform library for verifying Authenticode signatures
100 Days of YARA to be updated with rules & ideas as the year progresses
🔧 Deploy customizable Active Directory labs in Azure - automatically.
Automatically create YARA rules from malicious documents.
A set of scripts that demonstrate how to perform memory injection in C#
Hunts out CobaltStrike beacons and logs operator command output
unXOR will search a XORed file and try to guess the key using known-plaintext attacks.
pe2json: a Python based command line utility that reads Portable Executables (PE) files and output JSON
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
CORS "anywhere" proxy in a Cloudflare worker. DEMO at: https://test.cors.workers.dev/
A collection of PHP backdoors. For educational or testing purposes only.
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Identifies the bytes that Microsoft Defender flags on.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
The FLARE team's open-source tool to identify capabilities in executable files.
Collection of scripts & fingerprinting tricks for Shodan.io
A list of queries and actions that I repeat over and over again
Install and Run Python Applications in Isolated Environments
PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.