alichtman/malware-techniques
A collection of techniques commonly used in malware to accomplish core tasks.
MIT License
85 stars, 8 forks
issues
VM-Detection
#44
alichtman
opened
5 years ago
0
Fix IDAnt-wanna submodule
#43
alichtman
opened
5 years ago
0
macOS Swizzling
#42
alichtman
opened
5 years ago
0
Install Certificate
#41
alichtman
closed
5 years ago
0
Macos screencapture
#40
alichtman
closed
5 years ago
0
Add mouse activity detection on macOS 10.14.4
#39
alichtman
closed
5 years ago
0
Research
#38
alichtman
opened
5 years ago
0
Create LICENSE
#37
alichtman
closed
5 years ago
0
Add detectUserActivity instructions
#36
alichtman
closed
5 years ago
0
Anti-autoanalysis reorganization
#35
alichtman
closed
5 years ago
0
Use choice library function
#34
alichtman
closed
5 years ago
0
Calculate checksum of program in memory and compare to expected
#33
alichtman
opened
5 years ago
0
Replace with util function
#32
alichtman
closed
5 years ago
0
Add screencapture macOS script
#31
alichtman
closed
5 years ago
0
Make macOS anti-autoanalysis use something like sniffMK
#30
alichtman
closed
5 years ago
1
Add crontab persistence and LoginHook persistence
#29
alichtman
closed
5 years ago
0
Backdoors?
#28
alichtman
opened
5 years ago
0
Remote Mac Exploitation via Custom URL Schemes
#27
alichtman
opened
5 years ago
0
Dynamic Library Constructor Attack
#26
alichtman
opened
5 years ago
0
More Persistence Methods
#25
alichtman
closed
5 years ago
0
Macos pt deny attach advanced
#24
alichtman
closed
5 years ago
0
macOS Anti-Debug
#23
alichtman
opened
5 years ago
1
Refactor sleep anti-sandbox technique into new file
#22
alichtman
closed
5 years ago
0
Add macos exception ports anti-debug technique
#21
alichtman
closed
5 years ago
0
Detect VMware with asm trick
#20
alichtman
closed
5 years ago
0
Test and document all programs
#19
alichtman
opened
5 years ago
0
Automate building
#18
alichtman
opened
5 years ago
1
Add More Persistence Methods
#17
alichtman
opened
5 years ago
0
Detect debugging with mach exception handler
#16
alichtman
closed
5 years ago
0
Detect if PT_DENY_ATTACH attack worked
#15
alichtman
closed
5 years ago
0
README
#14
alichtman
closed
5 years ago
0
Obfuscation
#13
alichtman
opened
5 years ago
0
Look for mouse events
#12
alichtman
closed
5 years ago
0
Do something with ELF/mach-o Headers
#11
alichtman
closed
5 years ago
3
Timing Attack, similar to Locky
#10
alichtman
opened
5 years ago
1
Set a timer and wait for a long time to defeat sandboxed analysis
#9
alichtman
closed
5 years ago
0
Refactor method get_all_processes out so it can be reused
#8
alichtman
closed
5 years ago
1
Make project compile
#7
alichtman
closed
5 years ago
0
Look for running processes with reverse engineering tools
#6
alichtman
closed
5 years ago
0
Look for reverse engineering tools in $PATH
#5
alichtman
closed
5 years ago
0
Look for VMware Processes
#4
alichtman
opened
5 years ago
0
Detect debugging of binary with ptrace
#3
alichtman
closed
5 years ago
0
Detect VMWare with inline assembly
#2
alichtman
closed
5 years ago
2
Look for VMware files
#1
alichtman
closed
5 years ago
1