A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence
VolatilityBot is an automation tool that eliminates guesswork and manual tasks from the binary extraction phase: it automatically extracts executables, fetches new processes created in memory, and detects code injections, strings, IP addresses, and more. It also offers automated analysis of memory dumps using heuristics and YARA/ClamAV scanners, making it useful for memory analysis at scale.
IDA Pro plugin for finding crypto constants
A tool to embed XXE and XSS payloads in various file formats
VMCloak is a tool for creating and preparing Virtual Machines for Cuckoo Sandbox.
Multi-cloud antivirus scanning API with ClamAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.
A collaborative malware analysis framework with various features for automated analysis tasks.