Pinned Repositories
adobe-malware-classifier
cuckoo-headless
All the functionality of Cuckoo without all of the overhead
deepreflect
Discovering Malicious Functionality through Binary Reconstruction
dvdrip
Rip DVDs quickly and easily from the command line.
evandowning.github.io
My website
markov-text-generator
My implementation of a Markov text generator.
model-api-sequence
Creates ML model of sequence of API calls
usable-malware
Contains source code and instructions on how to compile and use historical malware.
vcf-converter
Converts VCF formats to different versions
windbg-trace
Use WinDBG to trace the Windows API calls of any Portable Executable file
evandowning's Repositories
evandowning/cuckoo-headless
All the functionality of Cuckoo without all of the overhead
evandowning/neo4j-benchmark
Timing various Neo4j queries
evandowning/cuckoo-diff
Determines similarities between malware runs (making sure malware is still malware after modification)
evandowning/model-api-frequency
Creates ML model of frequency of API calls
evandowning/Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods I found on different Blog Posts.
evandowning/EvadeML
An evolutionary framework for evading machine learning-based malware classifiers.
evandowning/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
evandowning/Genius
evandowning/graphnn
Training computational graph on top of structured data (string, graph, etc)
evandowning/injection
evandowning/malheur
A Tool for Automatic Analysis of Malware Behavior
evandowning/malware_evasion_competition
evandowning/mlsploit-malwarelab
MLSploit malwarelab module
evandowning/mlsploit-network
MLSploit Network module
evandowning/model-api-existence
Creates ML model of existence of API calls
evandowning/NINA
NINA: No Injection, No Allocation x64 Process Injection Technique
evandowning/p0wnedShell
PowerShell Runspace Post Exploitation Toolkit
evandowning/packer-triage
Fast, elastic, static, ML-based malware packer identifier.
evandowning/payl
Implementation of PAYL
evandowning/polymorphic-blending
Implementation of Polymorphic Blending Attack
evandowning/PowerShell
Some .ps1 scripts for pentesting
evandowning/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
evandowning/pyseq
Python implementation of the Needleman-Wunsch and Hirschberg algorithms.
evandowning/pytorch_structure2vec
pytorch implementation of structure2vec (https://arxiv.org/abs/1603.05629)
evandowning/theia-database
Implementation for THEIA AHG and anomaly detection
evandowning/theia-ki-target-agent
evandowning/UnpacMeClient
Python-based Client for the unpac.me service
evandowning/vxsig
Automatically generate AV byte signatures from sets of similar binaries.
evandowning/windows-privesc-check
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
evandowning/windows_sdk_data
Windows API listing in JSON format - generated from SDK headers + SDK API documentation