Charles Lomboni's starred repositories
YouGotReversed
This repository contains malware samples that I reverse engineered.
hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
Win10SysProgBookSamples
Windows 10 System Programming book samples
pe_to_shellcode
Converts PE into a shellcode
awesome-intelligence-writing
Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, trainings, articles, videos, etc.
Simple-Malicious-Programs
Repository with simple C binary samples for beginner REs & Defenders
winsos-poc
A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.
mfanalyzer
A tool for quick and dirty analysis of suspicious files. Designed to run inside Remnux!
BlackLotus
BlackLotus UEFI Windows Bootkit
sclauncher
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
Evasions
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provided are code samples, signature recommendations and countermeasures within each category for the described techniques.
process_doppelganging
My implementation of enSilo's Process Doppelganging (PE injection technique)
Qu1cksc0pe
All-in-One malware analysis tool.
BlackLotus
BlackLotus UEFI Windows Bootkit
maltego-transforms-list
A list of tools that handle different data and make it usable in Maltego.
PEExplorerV2
Portable Executable Explorer version 2
community-plugins
Repository for community provided Binary Ninja plugins
Modern-CPP-Programming
Modern C++ Programming Course (C++03/11/14/17/20/23/26)