Author: ddos

identify beacons

Hunt-Sleeping-Beacons: identify beacons

Hunt-Sleeping-Beacons This project is (mostly) a callstack scanner that tries to identify IOCs indicating an unpacked or injected C2 agent. All checks are based on the observation that C2 agents wait between...
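To make the "sleeping beacon" idea concrete, here is an added example (written for this page, not code from Hunt-Sleeping-Beacons) of the core heuristic: among threads that are parked in a wait state, flag any whose call stack contains a return address that does not fall inside an image-backed module. The memory regions, thread list, wait-reason names (`DelayExecution` for `Sleep`, `UserRequest` for `WaitForSingleObject`, `WrQueue` for a worker pool) and addresses are constructed sample data, and the choice of which wait reasons count as "sleeping" is an assumption.

```python
"""Added example, not Hunt-Sleeping-Beacons' own code: flag sleeping threads
whose call stack returns into memory that no image backs (a common IOC for an
unpacked or injected C2 agent waiting between check-ins)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Region:
    start: int
    end: int        # exclusive
    backing: str    # module path, or "" for private/unbacked memory


@dataclass(frozen=True)
class Thread:
    tid: int
    wait_reason: str   # KWAIT_REASON name as exposed by the kernel
    frames: tuple      # return addresses, innermost frame first


# Assumption: wait reasons a beacon typically sits in between callbacks.
SLEEPING_WAITS = {"DelayExecution", "UserRequest", "WrQueue"}


def region_for(addr, regions):
    """Find the region containing addr, or None if it is unmapped."""
    for r in regions:
        if r.start <= addr < r.end:
            return r
    return None


def unbacked_frames(thread, regions):
    """Return addresses on the stack that are unmapped or not image-backed."""
    bad = []
    for addr in thread.frames:
        r = region_for(addr, regions)
        if r is None or not r.backing:
            bad.append(addr)
    return bad


def hunt(threads, regions):
    """Map tid -> suspicious return addresses, for waiting threads only."""
    findings = {}
    for t in threads:
        if t.wait_reason not in SLEEPING_WAITS:
            continue
        bad = unbacked_frames(t, regions)
        if bad:
            findings[t.tid] = bad
    return findings


# Constructed sample data: two image-backed modules and one private allocation.
REGIONS = [
    Region(0x7FF6A0000000, 0x7FF6A0100000, r"C:\app\svc.exe"),
    Region(0x7FFC10000000, 0x7FFC10200000, r"C:\Windows\System32\ntdll.dll"),
    Region(0x000001E0C0000000, 0x000001E0C0010000, ""),   # unbacked RWX blob
]
THREADS = [
    # benign: sleeping in ntdll, called from the main image
    Thread(1001, "DelayExecution", (0x7FFC10011000, 0x7FF6A0012345)),
    # suspicious: sleeping, but one frame returns into the unbacked blob
    Thread(1002, "DelayExecution", (0x7FFC10011000, 0x000001E0C0001234, 0x7FF6A0001000)),
    # running (not waiting), so the scanner ignores it even though it is in the blob
    Thread(1003, "Executive", (0x000001E0C0002000,)),
]

if __name__ == "__main__":
    for tid, addrs in hunt(THREADS, REGIONS).items():
        print(f"tid {tid}: unbacked return address(es) {[hex(a) for a in addrs]}")
```

On a real host the regions come from `VirtualQueryEx` plus the module list and the frames from a stack walk of each suspended thread; the point of restricting to waiting threads is that a beacon spends almost all of its lifetime inside `Sleep` or a wait call, so that is where its frames are most reliably observed.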

Malduck

Malduck: a library for malware researchers

Malduck Malduck is your ducky companion in malware analysis journeys. It is mostly based on the Roach project, which derives many concepts from mlib library created by Maciej Kotowicz. The purpose of the fork was to make Roach...

Protect Loader: Advanced Go Shellcode Loading

Protect Loader Protect Loader is a shellcode loader written in pure Go, designed to provide various security and evasion techniques for Go applications. It includes features such as shellcode loading, obfuscation, the use of...

EmoCheck

EmoCheck: Emotet detection tool for Windows OS

EmoCheck Emotet detection tool for Windows OS. How EmoCheck detects Emotet (v0.0.1): Emotet generates its process name from a specific word dictionary and the C: drive serial number. EmoCheck scans the running processes on the...

HellBunny

HellBunny: Syscall Mastery Bypasses EDR

HellBunny The purpose of this research project was to develop a comprehensive understanding of the architecture and internals of the Windows operating system, including the Native API, the Process and Thread Environment Block, and...

AWS Threat Simulation and Detection

AWS Threat Detection with Stratus Red Team This repository documents my adventures with Stratus Red Team, a tool for adversary emulation in the cloud. Stratus Red Team is "Atomic Red Team for the...
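The detection side of such an emulation is easiest to show on log data. The following is an added example (not from the page or from Stratus Red Team) of a detector for one persistence pattern, an IAM user that gets `AdministratorAccess` attached shortly after it is created; I believe this is what Stratus Red Team's `aws.persistence.iam-create-admin-user` technique produces, and that its requests carry a `stratus-red-team` user agent, but both are stated here as assumptions. The CloudTrail records are constructed, not real logs.

```python
"""Added example, not Stratus Red Team's code: detect "create IAM user, then
attach AdministratorAccess" in CloudTrail and tag emulation traffic."""
from datetime import datetime

ADMIN_POLICY = "arn:aws:iam::aws:policy/AdministratorAccess"
# Assumption: Stratus Red Team tags its API calls with this user-agent prefix.
EMULATION_UA_PREFIX = "stratus-red-team"

# Constructed CloudTrail records (not real logs), using CloudTrail's usual
# field names for IAM control-plane events.
SAMPLE_EVENTS = [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateUser",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ops"},
     "requestParameters": {"userName": "backdoor-svc"},
     "userAgent": "stratus-red-team_7f3c"},
    {"eventTime": "2024-01-01T10:00:05Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachUserPolicy",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ops"},
     "requestParameters": {"userName": "backdoor-svc", "policyArn": ADMIN_POLICY},
     "userAgent": "stratus-red-team_7f3c"},
    # benign: a user created without an admin policy
    {"eventTime": "2024-01-01T11:00:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateUser",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci"},
     "requestParameters": {"userName": "deploy-bot"},
     "userAgent": "aws-cli/2.15.0"},
    # benign: read-only policy attached to an existing user
    {"eventTime": "2024-01-01T11:05:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachUserPolicy",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ci"},
     "requestParameters": {"userName": "analyst",
                           "policyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"},
     "userAgent": "aws-cli/2.15.0"},
]


def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def is_emulation(event):
    """True when the caller's user agent looks like the emulation tool's."""
    return (event.get("userAgent") or "").startswith(EMULATION_UA_PREFIX)


def find_new_admin_users(events, window_seconds=3600):
    """Return one finding per user that received AdministratorAccess within
    window_seconds of being created. Events may arrive out of order."""
    created = {}   # userName -> (actor arn, creation time)
    findings = []
    for e in sorted(events, key=lambda ev: ev["eventTime"]):
        if e.get("eventSource") != "iam.amazonaws.com":
            continue
        params = e.get("requestParameters") or {}
        user = params.get("userName")
        actor = (e.get("userIdentity") or {}).get("arn", "unknown")
        when = _ts(e["eventTime"])
        if e.get("eventName") == "CreateUser" and user:
            created[user] = (actor, when)
        elif (e.get("eventName") == "AttachUserPolicy"
              and params.get("policyArn") == ADMIN_POLICY
              and user in created):
            creator, t0 = created[user]
            delta = (when - t0).total_seconds()
            if delta <= window_seconds:
                findings.append({
                    "user": user,
                    "created_by": creator,
                    "policy_attached_by": actor,
                    "seconds_after_create": delta,
                    "emulation": is_emulation(e),
                })
    return findings


if __name__ == "__main__":
    for f in find_new_admin_users(SAMPLE_EVENTS):
        print(f)
```

The `emulation` flag is what lets you confirm the detection fired on the emulated technique and then separate that traffic from anything real; the time window is the tunable that trades missed slow-burn persistence against noise from legitimate provisioning.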

Source Code Review

DakshSCRA: Source Code Review Assist

Daksh SCRA (Source Code Review Assist) The Daksh SCRA tool is built to enhance the efficiency of the source code review process, providing a well-structured and organized approach for code reviewers...