An open API service indexing awesome lists of open source software.

Projects in Awesome Lists by jstrosch

A curated list of projects in awesome lists by jstrosch.

https://github.com/jstrosch/malware-samples

Malware samples, analysis exercises and other interesting resources.

azorult emotet lokibot maldoc-templates malware malware-samples pcaps training trickbot

Last synced: 23 Mar 2025

https://github.com/jstrosch/learning-malware-analysis

This repository contains sample programs that mimic behavior found in real-world malware. The goal is to provide source code that can be compiled and used for learning purposes, without having to worry about handling live malware.

c learning malware-analysis reverse-engineering windows-api

Last synced: 04 Apr 2025

https://github.com/jstrosch/learning-reverse-engineering

This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

c cplusplus educational-project learning reverse-engineering

Last synced: 04 Apr 2025

https://github.com/jstrosch/sclauncher

A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.

malware-analysis pe portable-executable reverse-engineering shellcode x64 x86

Last synced: 11 Apr 2025

https://github.com/jstrosch/subparse

Modular malware analysis artifact collection and correlation framework

Last synced: 11 Apr 2025

https://github.com/jstrosch/xor-decode-strings-ida-plugin

This IDA Python plugin is intended to get you started creating IDA Plugins with Python, recognize the importance of deobfuscating strings and work on translating assembly to a higher-level language (i.e. Python).

ida ida-pro plugin

Last synced: 11 Apr 2025

https://github.com/jstrosch/graph-maldoc-similar-images

A script that extracts embedded images from Office Open XML (OOXML) documents and generates image hash similarity graphs that cluster visually similar images together. The script computes the Average Hash of each extracted image, then graphs the images if they meet the similarity threshold. The script can be used as a technique for visually identifying malware campaigns involving documents. To use the script, supply a directory containing OOXML files. If LibreOffice is in your PATH you can optionally convert non-OOXML Word, Excel, PowerPoint and Rich Text File documents to OOXML. The script outputs DOT files that can be exported as images using Graphviz. If Graphviz is in your PATH you can also export to an SVG (preferred) or PNG image.

image maldoc malware

Last synced: 11 Apr 2025

https://github.com/jstrosch/search-abuse.ch

Python3 script that can download samples directly from Abuse.CH or via submitted URLs

Last synced: 11 Apr 2025

https://github.com/jstrosch/flare-vm-configs

These FLARE-VM configuration files are designed to help set up a purpose-built installation and remove unnecessary packages to help streamline the installation.

Last synced: 05 Apr 2025

https://github.com/jstrosch/hybrid-analysis-api

This is a small Python3 script that allows you to search and download samples from Hybrid Analysis' v2 API

Last synced: 11 Apr 2025

https://github.com/jstrosch/username_generator

A Burp Extension that parses emails from HTTP content and can optionally generate usernames.

burp-extensions burpsuite demo python

Last synced: 11 Apr 2025

https://github.com/jstrosch/Username_Generator

A Burp Extension that parses emails from HTTP content and can optionally generate usernames.

burp-extensions burpsuite demo python

Last synced: 19 Apr 2025

https://github.com/jstrosch/shodan-scan-wrapper

Python3 script that wraps Shodan CLI - it resolves a domain to an IP and then performs a scan

python3 threat-hunting threat-intelligence

Last synced: 11 Apr 2025

https://github.com/jstrosch/malware-signatures

A collection of various signatures that I have either found or created, useful for malware analysis.

Last synced: 05 Apr 2025

https://github.com/jstrosch/academic

This is a repository for a variety of academic projects

Last synced: 11 Apr 2025

https://github.com/jstrosch/emotet-droppers-fall2019

Python3 script that deobfuscates and then decodes a base64 string that contains a PowerShell script and extracts the URLs used to download Emotet binaries

Last synced: 18 Dec 2024

https://github.com/jstrosch/learning-software-exploitation

This repository contains sample code, projects and lab walk-throughs to help learn software exploitation.

Last synced: 05 Apr 2025

https://github.com/jstrosch/jstrosch

My personal repository

Last synced: 05 Apr 2025