WhacAMole (WAM) is a cutting-edge tool designed for in-depth memory and process analysis to detect, investigate, and document anomalies caused…
Relocatable is an innovative tool designed to simplify the creation of Position Independent Code (PIC) in C. This tool enables…
The StoneKeeper C2 is an experimental command-and-control (C2) framework designed for research purposes, focusing on modern Windows malware tactics and…
Your malware's favorite sandbox - where red teamers come to bury their payloads. A sandbox environment designed specifically for malware…
Self-spreading to other Minecraft servers using an extendable, module-based lateral movement system. Crafty Controller Auth'd RCE - undisclosed, unpatched, intentional(?)…
HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect syscalls for evading EDR hooks.…
hrtng IDA plugin is a collection of tools, ideas and experiments from different sources I've found interesting and useful in…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections. Each section is encrypted individually…
The v7.3.0 capa release comes with the following three major enhancements: 1. Support For VMRay Sandbox Analysis Archives Unlock powerful…
Prince now has a Windows Defender flag, namely "Ransom:Win64/PrinceRansom.YAA!MTB". This means that Prince Ransomware will no longer bypass Windows Defender…