This is your work, valued
MALWARE + FASHION = UNICORN Reverse Engineering Malware twitter: @malwareunicorn
GoPEInjection. Golang PE injection on windows
170rusty-memory-loadlibrary. Load DLLs from memory with rust
141MacOS_VBA_Macro. Example VBA Macro for MacOS Mojave
66malware-unicorn.github.io. HTML
54BeatSaberCTFChallenge. Created a CTF challenge based on Beat Saber
40shellcode_tools. Miscellaneous tools written in Python, mostly centered around shellcodes.
35pteroioctl-hook. A driver to implement IOCTL hooking
27macho_shellcode_extractor. extracts shellcode from a nasm compile macho binary
17xori-og. Rust
16MFTparser. Encase Script to parse harddrive for MFT data
16maliciousaf. ctf repo
6xorbyte_decoder. Used to decode xor in zepto ransomware
6xori. Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
6zerokit. Zerokit (GAPZ rootkit)
5keybase-bot-api. This library uses the RPC system from keybase to communicate to the local keybase server for bots to use
4ghidra. Ghidra is a software reverse engineering (SRE) framework
4go-keybase-chat-bot. golang exploration keybase chat JSON API
3managed-bots. Keybase managed bots
3polarbearrepo. C++
3apptest.
3windows-dll-hijacking. Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.
3RemoteTemplateInjectionDemo. Demo files for remote template injection of .dotm files into .docx
3matryoshka. CTF Challenge 2019
2Updated-Carbanak-Source-with-Plugins. https://twitter.com/itsreallynick/status/1120410950430089224
2binee. Binee: binary emulation environment
2pdbview. dump all available information from PDBs
1keybase-gitea-bot. Based on Keybase's Gitlab bot. Notifications in Keybase Teams for Gitea, using webhooks.
1gate. A specialized 2D game library
1radamsa-rs. Radamsa rust bindings
1