intelliroot-tech's repositories
InjectedCodeHunter
“Intelliroot Code Injection Hunter” is a tool that helps you identify injected malicious code. It can identify and extract possibly injected code from the processes on a live Windows system. The tool can be used for threat hunting, malware analysis and incident response.
ProcessHuntingToolkit
Process Hunting Toolkit is a toolkit capable of hunting down malicious processes on Windows.
Yaraedr
Here is our new tool, YARA_EDR. It's not a full-fledged EDR, but it can act as a small part of an EDR to accurately detect malware executing in your environment. The tool is a wrapper around the YARA binary for Windows. It relies on YARA's memory scanning capabilities and scans the virtual memory of all the processes on a system to identify malware patterns. Each detection is sent to an Elasticsearch server along with information like user name and hostname. The tool can be used for malware analysis, threat hunting and incident response. Let’s explore some features of the tool.
cve-2020-0796-Scanner
This tool helps scan large subnets for systems vulnerable to CVE-2020-0796.