Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


Projects in Awesome Lists by hasherezade

A curated list of projects in awesome lists by hasherezade.

https://github.com/hasherezade/pe-sieve

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

anti-malware hooking libpeconv malware-analysis memory-forensics pe-analyzer pe-dumper pe-format pe-sieve process-analyzer scans

Last synced: 01 Aug 2024

https://github.com/hasherezade/pe-bear

Portable Executable reversing tool with a friendly GUI

bearparser malware-analysis multiplatform pe-analyzer pe-analyzer-gui pe-editor pe-file pe-format

Last synced: 01 Aug 2024

https://github.com/hasherezade/hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

anti-malware malware-analysis malware-detection memory-forensics pe-sieve

Last synced: 31 Jul 2024

https://github.com/hasherezade/malware_training_vol1

Materials for Windows Malware Analysis training (volume 1)

malware-analysis malware-research windows-malware-analysis

Last synced: 03 Aug 2024

https://github.com/hasherezade/exe_to_dll

Converts an EXE into a DLL

Last synced: 04 Aug 2024

https://github.com/hasherezade/libpeconv

A library to load, manipulate, dump PE files. See also: https://github.com/hasherezade/libpeconv_tpl

libpeconv manual-mapping pe-file pe-format pe-loader

Last synced: 01 Aug 2024

https://github.com/hasherezade/demos

Demos of various injection techniques found in malware

code-injection dll-injection malware process-hollowing runpe

Last synced: 03 Aug 2024

https://github.com/hasherezade/bearparser

Portable Executable parsing library (from PE-bear)

bearparser multiplatform parser-library pe

Last synced: 04 Aug 2024

https://github.com/hasherezade/process_ghosting

Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted file

pe-injection pe-injector pefile

Last synced: 31 Jul 2024

https://github.com/hasherezade/ida_ifl

IFL - Interactive Functions List (plugin for IDA Pro)

ida-plugin ida-pro idapython-plugin

Last synced: 30 Jul 2024

https://github.com/hasherezade/process_overwriting

Yet another variant of Process Hollowing

Last synced: 04 Aug 2024

https://github.com/hasherezade/persistence_demos

Demos of various (also non-standard) persistence methods used by malware

Last synced: 01 Aug 2024

https://github.com/hasherezade/pin_n_sieve

An experimental dynamic malware unpacker based on Intel Pin and PE-sieve

Last synced: 04 Aug 2024