m4now4r

VidarStealer

Notes some analysis related to VidarStealer sample

VN_daily_samples

PlugX_Mustang-Panda

Malwarebytes_crackme

Presentations

My conference presentations

Trickbot_full_configs

Awesome-KAPE

A curated list of KAPE-related resources

Binary-Learning

滴水逆向初、中级学习笔记，不定时更新，自用仓库，不喜勿喷；感谢滴水，有如此完整体系的学习视频，白嫖党嫖了一波...感谢海东老师以及其他课程老师，听课受益匪浅。

Computer-forensics

The best tools and resources for forensic analysis.

DFIRMindMaps

A repository of DFIR-related Mind Maps geared towards the visual learners!

emotet-deobfuscator

golang_struct_builder

IDA 7.0+ script that auto-generates structs and interfaces from runtime metadata found in golang binaries

HermeticWizard

It is a worm that was deployed on a system in Ukraine at 14:52:49 on February 23rd, 2022 UTC.

Hyara

Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)

HyperHide

Hypervisor based anti anti debug plugin for x64dbg

ida

🧛🏻‍♂️ Dark theme for IDA Pro

IDAPython-Example

IDAPython Example

IDAPython_Note

illuminatejs

IlluminateJS is a static JavaScript deobfuscator

Introduction-to-Process-Hollowing

malware_analysis

Scripts, Yara rules and other files developed during malware investigations

MemoryModule

Library to load a DLL from memory.

obfDetect

IDA plugin to pinpoint obfuscated code

quicksand

QuickSand document and PDF malware analysis tool written in Python

RedTeam-Tactics-and-Techniques

Red Teaming Tactics and Techniques

shellcode-analysis_recover-api-from-hashes

tbi

The Blunt Implantment

threat-hunting-malware-analysis-incident-response

Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.

Trickbot_DLLModule

Windows-auditing-mindmap

Set of Mindmaps providing a detailed overview of the different #Windows auditing capacities and event log files.