ohio813's repositories
CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
play.backdoorsandbreaches.com
Dashboard for conducting Backdoors and Breaches sessions over Zoom.
malware-analysis-detection-engineering
Source Code for 'Malware Analysis and Detection Engineering' by Abhijit Mohanta and Anoop Saldanha
gmail-unsubscribe
Bulk unsubscribe from lists in your Gmail inbox for free without compromising privacy
imessage-exporter
Export iMessage data + run iMessage Diagnostics
XPEViewer
PE file viewer/editor for Windows, Linux and MacOS.
Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
S4UTomato
Escalate Service Account To LocalSystem via Kerberos
SigThief
Stealing Signatures and Making One Invalid Signature at a Time
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
RanSAP
RanSAP: An Open Dataset of Ransomware Storage Access Patterns for Training Machine Learning Models
binlex
A Binary Genetic Traits Lexer Framework
yara-signator
Automatic YARA rule generation for Malpedia
RichPE
Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
rizin
UNIX-like reverse engineering framework and command-line toolset.
flare-floss
FireEye Labs Obfuscated String Solver - Automatically extract obfuscated strings from malware.
StartIDA
IDA portabilizer - Starts IDA and copies/deletes settings from folders and registry
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
MalConv-keras
This is the implementation of MalConv proposed in [Malware Detection by Eating a Whole EXE](https://arxiv.org/abs/1710.09435) and its adversarial sample crafting.
MalConv-Pytorch
PyTorch implementation of MalConv
malware-injection
Official implementation for the paper "On deceiving malware classification with section injection"
SignFinder
Tool for easily cleaning PE32 files of AV signatures
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.
PPLdump
Dump the memory of a PPL with a userland exploit
Backstab
A tool to kill antimalware-protected processes
appmon
Documentation: