Kaiser File-less Persistence is a discontinued project with capabilities for attacks and anti-forensic activities on Windows 7 32-bit systems. To build and use, compile Kaiser.dll in Release mode, upload it for direct download, update BuildKaiser.ps1 with the URL, run the script to build Payload.ps1, upload Payload.ps1 for direct download, update BuildKaiser.ps1 with the URL of Payload.ps1, run BuildKaiser.ps1 to build Installer.ps1, and execute Installer.ps1 with administrative privileges on the target machine. Known bugs include threaded XxxNetSend sends buffering and PurgeXxx functions not guaranteed to work.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.