The v7.3.0 capa release comes with the following three major enhancements: 1. Support For VMRay Sandbox Analysis Archives Unlock powerful malware analysis with capa's new VMRay...

Prince now has a Windows Defender flag, namely "Ransom:Win64/PrinceRansom.YAA!MTB". This means that Prince Ransomware will no longer bypass Windows Defender without modifications to remove...

Usman Sikander (a.k.a Offensive-Panda) is a seasoned security professional specializing in adversary emulation, malware development, malware analysis, and red teaming. I am passionate to...

Adversaries may use binary padding to add junk data and change the on-disk representation of malware. This can be done without affecting the functionality...

In the cybersecurity landscape, attackers constantly devise methods to bypass security measures. One sophisticated technique is T1036.005, or Masquerading: Match Legitimate Name or Location,...

ChaiLdr - AV Evasive Payload Loader represents a cutting-edge approach in malware development, blending innovative evasion techniques to bypass modern antivirus solutions. Crafted with...

Learning about Windows rootkits lately, so here is my own implementation of some techniques. For an overview, see Features below. Banshee is meant to be used with kdmapper or...

A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Malware Collection Anonymizers Honeypots Malware Corpora Open Source Threat Intelligence Tools Other Resources Detection and Classification Online Scanners and Sandboxes Domain Analysis Browser...

Kill a live running QAKbot on an infected machine. More on this : Operation Duckhunt : Field Testing the FBI’s Anti-Qakbot Payload (C) Raashid Bhat In the...

Malware is a malicious computer program that is designed to infect your system and gain access to sensitive information without the user's permission. Software is referred to...