smali/baksmali
Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.
TeamTNT is actively modifying its scripts after they were made public by security researchers. These scripts primarily target Amazon Web Services, but can also run on on-premises, container, or other forms of Linux instances. The group's payloads include credential stealers, cryptocurrency miners, persistence and lateral movement. TeamTNT scripts are also capable of disabling cloud security tools, such as Alibaba's aegis cloud security agent. The malware author modified these tools after becoming aware that security researchers had published the earlier version of the script. This intelligence is based on information provided by an intelligence partner.
A library for running basic functions from stripped binaries cross platform.
Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.
GuardDog is a CLI tool for identifying malicious PyPI and npm packages through heuristics and Semgrep rules.
Automatic YARA rule generation for malware repositories.
A semi-automatic tool to generate YARA rules from virus samples.