MalwareMechanic's repositories

RISCYpacker

Process Hollowing Packer

Language: C | Stargazers: 25 | Issues: 3 | Issues: 0

loader

Resident Http(s) Command Execution Bot

Language: C++ | Stargazers: 4 | Issues: 3 | Issues: 0

malware

malware source codes

Language: C | Stargazers: 4 | Issues: 2 | Issues: 0

Win32.Stolich

A Polymorphic, RSA 4096 AES 256, Crypter that demands BitCoins (statically)

Language: PHP | Stargazers: 3 | Issues: 2 | Issues: 0

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Language: JavaScript | License: Apache-2.0 | Stargazers: 1 | Issues: 1 | Issues: 0

QuasarRAT

Remote Administration Tool for Windows

Language: C# | License: NOASSERTION | Stargazers: 1 | Issues: 2 | Issues: 0
Language: PowerShell | License: Apache-2.0 | Stargazers: 1 | Issues: 0 | Issues: 0

BotKiller

find and kill injectedThreads from memory

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

boxstarter

Repeatable, reboot resilient windows environment installations made easy using Chocolatey packages

Language: PowerShell | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

capa-rules

Standard collection of rules for capa: the tool for enumerating the capabilities of programs

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0
Language: Python | Stargazers: 0 | Issues: 1 | Issues: 0

ConfuserEx

An open-source, free protector for .NET applications

Language: C# | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0
Language: C | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

dedrop

Looking inside the (Drop) box. Security Analysis of Dropbox. Updated WOOT '13 paper and other goodies.

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

diablo

Diablo is a retargetable link-time binary rewriting framework

Language: C | License: GPL-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

fancybear

Fancy Bear Source Code

Language: Python | Stargazers: 0 | Issues: 1 | Issues: 0

FileInsight-plugins

FileInsight-plugins: tiny plugins for McAfee FileInsight hex editor useful for various kind of decoding tasks in malware analysis.

Language: Python | License: BSD-2-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

flare-qdb

Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0
Language: CSS | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0
Language: C++ | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

pefile

pefile is a Python module to read and work with PE (Portable Executable) files

Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

pocs

Proof of Concepts (PE, PDF...)

Language: Assembly | Stargazers: 0 | Issues: 1 | Issues: 0

PortEx

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

Language: Java | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

POSHSPY

POSHSPY backdoor code

Stargazers: 0 | Issues: 1 | Issues: 0

rootkit.com

Mirror of users section of rootkit.com

Language: Pascal | Stargazers: 0 | Issues: 1 | Issues: 0

snippets

pieces of dirty quick code. possible error checking or none.

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0
Stargazers: 0 | Issues: 2 | Issues: 0

test_volatility

An advanced memory forensics framework

Language: Python | License: GPL-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

TinyNuke

zeus-style banking trojan

Language: C++ | Stargazers: 0 | Issues: 1 | Issues: 0