edix

LoadDll

Better version of RunDll with GUI. This program allows you to load DLLs on Windows. You can select how to load the DLL. By direct Entry Point call (DllMain) or if you want to call directly an exported function of the DLL.

HiddenProcessDetection

Examples for detection of hidden processes on windows

MalwareResourceScanner

Scanning and identifying XOR encrypted PE files in PE resources

AlternativeCreateRemoteThread-public

Load and unload a DLL into an remote process without using WriteProcessMemory ;)

AlternativeIsDebuggerPresent

Alternative (and cooler) version of IsDebuggerPresent API

MyTerminateProcess

Terminates a process by using DuplicateHandle and DUPLICATE_CLOSE_SOURCE flag.

AutoDecompress

IDA Pro Plugin to unpack data at given offset

sedocllehs

AlternativeDeleteFile

Using native API to delete files on windows

bifrost_decoder

Decoder for Bifrost RAT

BugCatcher

IDA Pro Plugin for catching bugs

EntropyDir

Python script. Calculates entropy of all files in a directory.

funfacts

funfacts for everything...

RATDecoders

Python Decoders for Common Remote Access Trojans

powershell_test