hrtng IDA plugin is a collection of tools, ideas and experiments from different sources I've found interesting and useful in…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections. Each section is encrypted individually…
The v7.3.0 capa release comes with the following three major enhancements: 1. Support For VMRay Sandbox Analysis Archives Unlock powerful…
Prince now has a Windows Defender flag, namely "Ransom:Win64/PrinceRansom.YAA!MTB". This means that Prince Ransomware will no longer bypass Windows Defender…
Usman Sikander (a.k.a Offensive-Panda) is a seasoned security professional specializing in adversary emulation, malware development, malware analysis, and red teaming.…
Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This can be done…
In the cybersecurity landscape, attackers constantly devise methods to bypass security measures. One sophisticated technique is T1036.005, or Masquerading: Match…
ChaiLdr - AV Evasive Payload Loader represents a cutting-edge approach in malware development, blending innovative evasion techniques to bypass modern…
Learning about Windows rootkits lately, so here is my own implementation of some techniques. For an overview, see Features below. Banshee is…
A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Malware Collection Anonymizers Honeypots Malware Corpora Open Source…