Pinned Repositories
blackCatConf
Configuration Extractor for BlackCat Ransomware
configmatter-linux
Static configuration extractor for the ESXi/Linux variant of BlackMatter Ransomware
configmatter-windows
Configuration Extractor for the Windows variant of BlackMatter Ransomware
configwalker
Netwalker Ransomware Config Extractor
danaConfig
Static configuration extractor for DanaBot (main component)
ezuri_unpack
Simple unpacking script for Ezuri ELF Crypter
MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
REconfig-linux
Configuration Extractor for the Linux variant of REvil Ransomware
yara_rules
A collection of YARA rules that I created during analysis / for blog posts
zipExec_unpack
Unpacking tool for the zipExec Crypter
f0wl's Repositories
f0wl/MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
f0wl/blackCatConf
Configuration Extractor for BlackCat Ransomware
f0wl/ezuri_unpack
Simple unpacking script for Ezuri ELF Crypter
f0wl/zipExec_unpack
Unpacking tool for the zipExec Crypter
f0wl/configwalker
Netwalker Ransomware Config Extractor
f0wl/yara_rules
A collection of YARA rules that I created during analysis / for blog posts
f0wl/REconfig-linux
Configuration Extractor for the Linux variant of REvil Ransomware
f0wl/danaConfig
Static configuration extractor for DanaBot (main component)
f0wl/configzone
Configuration Extractor for Warzone RAT
f0wl/deICEr
A crude Config Extractor for IcedID second stage Loaders (Zero2Auto Week 0x02)
f0wl/inMediasREs
A static analysis tool built with Go and TermUI
f0wl/avaddon-strings
String Decrypter for Avaddon Ransomware
f0wl/hanconfig
Static configuration extractor for Hancitor Loader
f0wl/CitrixHoneypot
Detect and log CVE-2019-19781 scan and exploitation attempts.
f0wl/configmatter-windows
Configuration Extractor for the Windows variant of BlackMatter Ransomware
f0wl/Daily-dose-of-malware
Script lets you gather malicious software and C&C servers from open-source platforms like Malshare, Malcode, Google, Cymon - vxvault, cybercrime tracker and C2 for Pony.
f0wl/de4dot
.NET deobfuscator and unpacker.
f0wl/Detection
f0wl/f0wl
Special Repository for Account Readme
f0wl/fakematter
Command&Control emulator for BlackMatter ransomware (ESXi/Linux)
f0wl/huan_unpack
Unpacking script for the Huan PE Crypter
f0wl/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
f0wl/viper
Binary analysis and management framework
f0wl/configmatter-linux
Static configuration extractor for the ESXi/Linux variant of BlackMatter Ransomware
f0wl/bootguard-status
A list of mainboards with BootGuard status
f0wl/GootJasperDeobfuscator
A deobfuscation script for Gootkit / Jasper Loader Malware
f0wl/gotools
Plugin for Ghidra to assist reversing Golang binaries
f0wl/REHelper
REHelper is a utility for initial binary analysis.
f0wl/RemillWorkshop
f0wl/Unprotect_Submission
Repository to publish your evasion techniques and contribute to the project