Category: Malware Defense
apkInspector: apkInspector is a tool designed to provide detailed insights into the zip structure of APK files, offering the capability to extract the content and decode the AndroidManifest.xml file. What sets APKInspector apart is...
Kdrill: Kdrill is a tool to analyze the kernel land of Windows 64b systems (tested from Windows 7 to Windows 11). Its main objective is to assess if the kernel is compromised by a...
DA_Plugin_AntiDebugSeeker: Through this tool, users can automatically extract potential anti-debugging methods used by malware, making it easier for analysts to take appropriate action. The main functionalities of this plugin are as follows: Extraction of...
Frida-Jit-unPacker: The Frida-Jit-unPacker aims to help researchers and analysts understand the behavior of malicious .NET packed samples in order to provide a mitigation. This tool uses the Frida instrumentation toolkit to inject scripts into the CLR...
HuntRthys: HuntRthys is a specific, modern, and fast command and control detection tool written to detect Command and Control (C2) servers used by the Rhadamanthys Stealer Malware. HuntRthys provides the most reliable and fastest...
Maltrail: Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where the trail...
GTPDOOR Scan: A multithreaded network scanner to scan for hosts infected with the GTPDOOR malware. Technical writeup here. Three detection methods are supported: ACK scan (detects GTPDOOR v2), TCP connect scan (detects GTPDOOR v2), GTP-C...
MultCheck: MultCheck is a malware-analysis tool that can be used to test the detection of a file by multiple AV engines. It is designed to be easy to use and to be able to...