Search Results for "malware"

Volatility is a widely used open-source framework for analyzing memory captures (RAM dumps) from Windows, Linux, and macOS systems. It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows.

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs).

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...

...Just download and install and use as an alternative for typical Notepad. This application is compiled from the Pyinstaller library so don't mind there is a vulnerability or something the antivirus program might show it as malware or trojan this happens with most of the apps compiled from the Pyinstaller library. So No worries There is not any malware or virus in the app. the source code is available on GitHub you can simply checkout it. Thank you ...!

Dr0p1t-Framework is a penetration testing tool designed to generate advanced and stealthy droppers capable of delivering and executing payloads on target systems while evading detection mechanisms. A dropper is a type of malware used to download and install additional malicious software, and this framework focuses on making that process more flexible and difficult to detect. It provides a wide range of modules that allow users to customize payload delivery, persistence mechanisms, and execution methods. The framework includes features such as antivirus evasion, privilege escalation, and system persistence, enabling it to maintain access on compromised systems. ...

Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerable. Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for “malicious,” or “UNKNOWN.” ...

EaseFilter Folder Locker is a Windows file and folder protection solution built on the EaseFilter File Control, Encryption and Process Filter Driver SDK. It lets you lock, hide, and restrict access to files and folders in real time to prevent unauthorized access or modification. With the folder locker you can prevent your protected files being read,written,deleted, renamed, copied out of the protected folder, allow you to authorize or deny the file access to specific user or process, also...

The EaseFilter Filter Driver SDK is a collection of tools, libraries, and sample code designed to facilitate the creation of Windows file system filter drivers. These drivers operate at a low level, intercepting file I/O requests before they reach the underlying file system or other filter drivers. The EaseFilter SDK provides a powerful interface for developing Windows filter drivers in C++, C#, or other programming languages that support native DLL calls. This guide helps developers...

The EaseFilter Registry Filter Driver SDK is a powerful, kernel-mode development toolkit designed to help developers monitor, control, and protect Windows registry operations in real time. It enables the development of robust security, compliance, and system integrity solutions by intercepting and managing registry access before it reaches the Windows registry subsystem. The SDK allows your application to receive notifications before any registry operation is processed by the Windows...