sysopfb

Malware_Scripts

Various scripts for different malware families

malware_decoders

Static based decoders for malware samples

Unpackers

My collection of unpackers for malware packers/crypters

open_mal_analysis_notes

open source malware analysis and research notes dump

GoMang

GoLang binary pclntab mangler

sslscan

Python code for mass scanning IP ranges for certificates

malcert

Demonstration framework for malware C2 over x509 certificate extensions

pyserpent

serpent encryption in python

heurscan

Heuristic yara scanning engine proof of concept

my_minilzo

Minilzo with python api

bytecode_loader

This program simply loads windows bytecode into memory and then executes it, designed for easily being able to debug shellcode blobs

RATDecoders

Python Decoders for Common Remote Access Trojans

StegoCRL

Demonstration of using Stegonagraphy to load a file into a CRL

brieflz

Small fast Lempel-Ziv compression library

IIS-Raid

A native backdoor module for Microsoft IIS (Internet Information Services)

MaskedVByte

MaskedVByte integer compression in python

pe_unmapper

Pythonic pe unmapper

ProfiledSystems

Collection of data regarding profiled systems, servers and processes.

pyrijndael

Python version of Rijndael for both ECB and CBC mode

sandsifter

The x86 processor fuzzer

sysopfb.github.io

Ammyy-v3

Ammyy v3 Source Code leak , with ❤️ <3

Detours

Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.

honeypot_tls_research

This will be an ongoing dump of all my current tls research data sets

HybridAPI

Quick tool for using Hybrid Analysis API on command line..

IFuzzer

ja3

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

MS17-010

MS17-010 Research

UnsafeGolangLibs

Standard Golang library code with error detection removed

unsapien

Python script to extract embedded data from binaries generated by SAPIEN Script Packager