palaniyappanBala's Repositories
palaniyappanBala/AIL-framework
Analysis Information Leak framework. Project moved to https://github.com/ail-project
palaniyappanBala/aktaion2
Aktaion is an open source machine learning and active defense (orchestration) prototype. The tool focuses on detecting exploits with machine learning techniques, independent of static signatures.
palaniyappanBala/App-Locker
Blocks execution of certain applications.
palaniyappanBala/APT_CyberCriminal_Campagin_Collections
APT & CyberCriminal Campaign Collection
palaniyappanBala/BLUESPAWN
An active defense and EDR tool to empower blue teams
palaniyappanBala/cyphon
Open source incident management and response platform.
palaniyappanBala/dfirt
Collects information from a Windows PC during incident response
palaniyappanBala/ETW2JSON
Tool and library to convert ETW logs to JSON files
palaniyappanBala/EtwStream
Logs are event streams. EtwStream provides in-process and out-of-process ObservableEventListener implementations; everything can be composed and routed to any output with Reactive Extensions.
palaniyappanBala/fips2zips
JSON data used to find all the ZIP codes in a FIPS (Federal Information Processing Standards) code area
palaniyappanBala/flan-vulnerabilityscanner
A pretty sweet vulnerability scanner
palaniyappanBala/hidden-av-filterdrivers
🇺🇦 Windows driver with a usermode interface that can hide processes, file-system and registry objects, protect processes, etc.
palaniyappanBala/krabsetw
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
palaniyappanBala/LightningScanner
A lightning-fast memory pattern scanner, capable of scanning gigabytes of data per second.
palaniyappanBala/LiSa
Sandbox for automated Linux malware analysis.
palaniyappanBala/lkrg
Linux Kernel Runtime Guard (LKRG). Linux Kernel Runtime Integrity Checking and Exploit Detection. Debian packaging fork only. Fork Homepage: https://www.whonix.org/wiki/Linux_Kernel_Runtime_Guard_LKRG Upstream original: https://www.openwall.com/lkrg/
palaniyappanBala/Microsoft.Diagnostics.Tracing.Logging
.NET library for logging data via EventSource/ETW
palaniyappanBala/Owlyshield
Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
palaniyappanBala/psexec_noinstall
Repository containing a PsExec build that helps exploit the forgotten pipe
palaniyappanBala/pypsexec
PsExec-style remote Windows execution in Python
palaniyappanBala/pywintrace
ETW Python Library
palaniyappanBala/ransomware_detection
Ransomware recovery app for Nextcloud
palaniyappanBala/RmEye
RmEye (戎码之眼) is an ATT&CK-model-based threat monitoring tool for Windows. It effectively detects common unknown and known threats: a sharp sword for defenders.
palaniyappanBala/Sealighter
Sysmon-Like research tool for ETW
palaniyappanBala/sigar
System Information Gatherer And Reporter
palaniyappanBala/ved-ebpf
VED-eBPF: Kernel Exploit and Rootkit Detection using eBPF
palaniyappanBala/wdd
dd for Windows
palaniyappanBala/whids
Open Source EDR for Windows
palaniyappanBala/WinPmem
The multi-platform memory acquisition (RAM dump) tool
palaniyappanBala/yara-forge
Automated YARA Rule Standardization and Quality Assurance Tool