This is your work, valued

San Francisco

malwareunicorn

Elite
@malware-unicorn

MALWARE + FASHION = UNICORN Reverse Engineering Malware twitter: @malwareunicorn

GoPEInjection. Golang PE injection on windows

170

rusty-memory-loadlibrary. Load DLLs from memory with rust

141

MacOS_VBA_Macro. Example VBA Macro for MacOS Mojave

66

malware-unicorn.github.io. HTML

54

BeatSaberCTFChallenge. Created a CTF challenge based on Beat Saber

40

shellcode_tools. Miscellaneous tools written in Python, mostly centered around shellcodes.

35

pteroioctl-hook. A driver to implement IOCTL hooking

27

macho_shellcode_extractor. extracts shellcode from a nasm compile macho binary

17

xori-og. Rust

16

MFTparser. Encase Script to parse harddrive for MFT data

16

maliciousaf. ctf repo

6

xorbyte_decoder. Used to decode xor in zepto ransomware

6

xori. Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode

6

zerokit. Zerokit (GAPZ rootkit)

5

keybase-bot-api. This library uses the RPC system from keybase to communicate to the local keybase server for bots to use

4

ghidra. Ghidra is a software reverse engineering (SRE) framework

4

go-keybase-chat-bot. golang exploration keybase chat JSON API

3

managed-bots. Keybase managed bots

3

polarbearrepo. C++

3

apptest.

3

windows-dll-hijacking. Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.

3

RemoteTemplateInjectionDemo. Demo files for remote template injection of .dotm files into .docx

3

matryoshka. CTF Challenge 2019

2

Updated-Carbanak-Source-with-Plugins. https://twitter.com/itsreallynick/status/1120410950430089224

2

binee. Binee: binary emulation environment

2

pdbview. dump all available information from PDBs

1

keybase-gitea-bot. Based on Keybase's Gitlab bot. Notifications in Keybase Teams for Gitea, using webhooks.

1

gate. A specialized 2D game library

1

radamsa-rs. Radamsa rust bindings

1