ald3ns

sr detection engineer @ huntress | interested in reverse engineering, malware analysis, detection engineering, and threat research

Huntress

Pinned Repositories

2020submissions
Pwn2Win CTF 2020 flag submissions
0 0 00
beautifulhugo
Theme for the Hugo static website generator
Language:HTML0 0 00
build-vmware-drivers
A quick script to solve the annoying issue of VMware kernel drivers not building on cutting edge kernels.
Language:Shell0 1 01
copy-as-yara
This is a little plugin to copy disassembly in a way that is usable in YARA rules!
Language:Python41 3 21
geacon-config-extract
A small binja script to extract the config from ungarbled geacon/geacon plus samples.
Language:Python1 1 00
lightspy-emulation
A reimplementation of the LightSpy malware targeting both macOS and iOS.
21
XPR-dump
Helper scripts to automate the extraction of YARA rules from XProtectRemediators
Language:YARA18 3 01
xz-backdoor-github-analysis
A simple Jupyter Notebook to graph a users commit history over time, specifically looking at the author of the xz backdoor.
Language:Jupyter Notebook21 1 15

ald3ns's Repositories

ald3ns/copy-as-yara
This is a little plugin to copy disassembly in a way that is usable in YARA rules!
Language:Python41 3 21
ald3ns/xz-backdoor-github-analysis
A simple Jupyter Notebook to graph a users commit history over time, specifically looking at the author of the xz backdoor.
Language:Jupyter Notebook21 1 15
ald3ns/XPR-dump
Helper scripts to automate the extraction of YARA rules from XProtectRemediators
Language:YARA18 3 01
ald3ns/geacon-config-extract
A small binja script to extract the config from ungarbled geacon/geacon plus samples.
Language:Python1 1 00
ald3ns/2020submissions
Pwn2Win CTF 2020 flag submissions
0 0 00
ald3ns/beautifulhugo
Theme for the Hugo static website generator
Language:HTML0 0 00
ald3ns/build-vmware-drivers
A quick script to solve the annoying issue of VMware kernel drivers not building on cutting edge kernels.
Language:Shell0 1 01
ald3ns/CTFd
CTFs as you need them
Language:Python0 0 00
ald3ns/dawgctf-2020-writeups
Language:Python0 0 00
ald3ns/jawa-font
Made a font from the "Jawa Trade Language".
0 1 00
ald3ns/otx-hash-grabber
A simple script to grab all of the hashes for a malware family from OTX
Language:Python0 1 00
ald3ns/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Language:YARA0 0
ald3ns/I-S00N
ald3ns/pokemon-theme
Language:HTML0 0
ald3ns/shadowsocksr-native
翻墙从容穿越党国敏感日 ShadowsocksR (SSRoT) native implementation for all platforms, GFW terminator
Language:C0 0
ald3ns/tart
macOS and Linux VMs on Apple Silicon to use in CI and other automations
Language:Swift0 01
ald3ns/vt-cli
VirusTotal Command Line Interface
Language:Go0 0
ald3ns/yara-rules
YARA rules
1 0

ald3ns

Pinned Repositories

2020submissions

beautifulhugo

build-vmware-drivers

copy-as-yara

geacon-config-extract

lightspy-emulation

XPR-dump

xz-backdoor-github-analysis

ald3ns's Repositories

ald3ns/copy-as-yara

ald3ns/xz-backdoor-github-analysis

ald3ns/XPR-dump

ald3ns/geacon-config-extract

ald3ns/2020submissions

ald3ns/beautifulhugo

ald3ns/build-vmware-drivers

ald3ns/CTFd

ald3ns/dawgctf-2020-writeups

ald3ns/jawa-font

ald3ns/otx-hash-grabber

ald3ns/DefenderYara

ald3ns/I-S00N

ald3ns/pokemon-theme

ald3ns/shadowsocksr-native

ald3ns/tart

ald3ns/vt-cli

ald3ns/yara-rules