RedScarf1005's repositories
flare-floss
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
flare-qdb
Command-line and Python debugger for instrumenting and modifying native software behavior on Windows and Linux.
speakeasy
Windows kernel and user mode emulation.
charlotte
C++ fully undetected shellcode launcher ;)
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
cobaltstrike
Code and yara rules to detect and analyze Cobalt Strike
flare-ida
IDA Pro utilities from FLARE team
mandiant_managed_hunting
Azure Deployment Templates for Mandiant Managed Hunting
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
rvmi-rekall
Rekall Forensics and Incident Response Framework with rVMI extensions
gocat
Provides access to libhashcat
ThreatPursuit-VM
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
FourEye
AV Evasion Tool For Red Team Ops
jitm
JITM is an automated tool to bypass the JIT Hooking protection on a .NET sample.
stringsifter
A machine learning tool that ranks strings based on their relevance for malware analysis.
ShiroScanF
Script for fast batch detection of the Shiro deserialization vulnerability across a list of IPs
win10_rekall
Rekall Memory Forensic Framework
pywintrace
ETW Python Library
flashmingo
Automatic analysis of SWF files based on some heuristics. Extensible via plugins.