40 Resources
Golang malware-research Libraries
A collection of offensive Go packages inspired by different Go repositories.
OffensiveGolang OffensiveGolang is a collection of offensive Go packs inspired by different repositories. Ideas have been taken from OffensiveGoLang a
Static binary analysis tool to compute shared strings references between binaries and output in JSON, YAML and YARA
StrTwins StrTwins is a binary analysis tool, powered by radare, that is capable of finding shared code string references between executables and output i
A DDoS program written in Golang.
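AGDDoS 🎈 Download: ⚡️ Click to download the latest version | ☁ Alternate download - mirror site | ☁ Alternate download - FastGit If you want to be notified of new versions, please give us a Watching, thank you! 🔨 Usage First, your system needs to meet the following requirements: Windows 7 or later; not supported: Windows XP/200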
A research implementation of team rocket's leaderless consensus protocol
rocket A research implementation of team rocket's leaderless consensus protocol backlog Run consensus tests with agents that have corrupted configurat
Static analyser for finding Deadlocks in Go
dingo-hunter Static analyser for finding Deadlocks in Go This is a static analyser to model concurrency and find deadlocks in Go code. The main purpos
IPFS Collaborative Notebook for Research
IPFS Collaborative Notebook for Research What's in This Repo? We use this repo in two ways: Issues to track several kinds of discussion on topics rela
⚔ Personal Golang starter kit with an engineer research perspective, expressjs developer friendly, and aims for rapid app development.
Goku (WIP; Author Only) ⚔ Personal Golang starter kit with an engineer research perspective, expressjs developer friendly, and aims for rapid app deve
Security research and open source implementation of the Apple 'Wireless Accessory Configuration' (WAC) protocol
Apple 'Wireless Accessory Configuration' (WAC) research Introduction This repository contains some research on how the WAC protocol works. I was mostl
Lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries
Lightweight Go package to parse, analyze and extract metadata from Portable Executable (PE) binaries. Designed for malware analysis tasks and robust against PE malformations.
Go library MalShare API
MalShare client library MalShare is a free Malware repository providing researchers access to samples, malicious feeds, and Yara results. Link to Malsh
Configuration Extractor for BlackCat Ransomware
blackCatConf blackCatConf is a static configuration extractor implemented in Golang for BlackCat Ransomware (targeting Microsoft Windows and GNU/Linux
Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers
grimd ⚡ Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers. Based on kenshinx/godns and miekg/dns.
Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs
Doge-SelfDelete Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs File self-deletion implemented in Golang, from @jonaslyk and @LloydLabs etc add
Static configuration extractor for Hancitor Loader
hanConfig hanConfig is a static configuration extractor implemented in Golang for the Hancitor Loader (targeting Microsoft Windows, Malpedia). By defa
A golang package implementing a forkbomb using cgo.
gfb - go-fork-bomb A golang package implementing a forkbomb using cgo. ❗ Warning ❗ This project is strictly for educational/research purposes, any mal
DanaConfig is a static configuration extractor implemented in Golang for the main component of DanaBot
DanaConfig is a static configuration extractor implemented in Golang for the main component of DanaBot (targeting Microsoft Windows). By de
firedrill is a malware simulation harness for evaluating your security controls
firedrill 🧯 Malware simulation harness. Build native binaries for Windows, Linux and Mac simulating malicious behaviours. Test the effectiveness of y
Ransomware: a type of malware that prevents or limits users from accessing their system
Ransomware Note 1: This project is purely academic, use at your own risk. I do not encourage in any way the use of this software illegally or to attac
Microshift is a research project that is exploring how OpenShift Kubernetes can be optimized for small form factor and edge computing.
Microshift is a research project that is exploring how OpenShift Kubernetes can be optimized for small form factor and edge computing.
Unpacking tool for the zipExec Crypter
zipExec_unpack A simple unpacking tool for the zipExec Crypter by Tylous. Since this Crypter will likely be used for malicious purposes sooner rather
A go package implementing a simple logic-bomb.
puffgo A simple go package implementing a simple logic-bomb ❗ Warning ❗ This project is strictly for educational/research purposes, any malicious acti
All-in-one Network Gateway for Malware analysis
aio-gw [EXPERIMENTAL]: All-in-one Network Gateway for Malware analysis. currently at Alpha stage. HELP NEEDED: if you're keen to contribute to aio-gw,
A framework for constructing self-spreading binaries
A framework that aids in creation of self-spreading software Requirements go get -u github.com/redcode-labs/Coldfire go get -u github.com/yelinaung/go
DevPops continues my research on companion worms
DevPops continues my research on companion worms. It is a friendly companion without payload and without modifying any source files. The spreading vectors are gits.
A golang CLI tool to download malware from a variety of sources.
mlget
Grabs the IP address, Discord tokens and Windows NT users in the machine. Only for educational purposes!!
go-malware Grabs the IP address, Discord tokens and Windows NT users in the machine. Only for educational purposes!! Edit the main file and put your we
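Scan Fastjson using Golang only
SuperFastjsonScan This tool is only a demo version and is not complete; it is meant to give everyone an idea to work from. Reference tool: https://github.com/EmYiQing/XiuScan/ The core of this tool: without setting up a JNDI Server or LDAP Server, and without using a Dnslog platform, it can perform blind (no-echo) Java deserialization vulnerability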
androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.
androidqf androidqf (Android Quick Forensics) is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It is the
Simple 'UserKit' for Malware written in Go. Startup, Hidden Files, Critical Process and Registry Watcher
GoUserKit Simple UserKit for Malware written in Go Features Makes Process Critical (NtSetInformationProcess) Hides Files Simple Add to Startup (HKCU R
REconfig-linux is a configuration extractor for the Linux variant of REvil Ransomware.
REconfig-linux is a configuration extractor for the Linux variant of REvil Ransomware. It is capable of extracting the json config from the ELF file and decoding the ransomnote within it. By default the script will write the results to files in the current working directory, but you can also choose to print the config to stdout only by using the -print flag.
NovelAI Research Tool and API implementations in Golang
NovelAI Research Tool - nrt A golang based client with: Minimum Viable Product implementation of a NovelAI service API client covering: /user/login -
"Go SQL DB" is a relational database that supports SQL queries for research purposes
A pure golang SQL database for database theory research
A LoRaWAN nodes' and network simulator that works with a real LoRaWAN environment (such as Chirpstack) and equipped with a web interface for real-time interaction.
LWN Simulator A LoRaWAN nodes' simulator to simulate a LoRaWAN Network. Table of Contents General Info Requirements Installation General Info LWN Simu
Open source runtime tool which helps to detect malware code execution and runtime misconfiguration changes on a Kubernetes cluster
Kube-Knark Project Trace your kubernetes runtime !! Kube-Knark is an open source tracer that uses pcap & ebpf technology to perform runtime tracing on a de
Fast Static File Analysis Framework
Florentino; Fast Static File Analysis Framework Story Florentino is named after a fictional warrior. Florentino: "I'd wear a fedora but they haven't inv
Hetty is an HTTP toolkit for security research.
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful
Standardized Malware Analysis Tool
S.M.A.T Standardized Malware Analysis Toolkit Capabilities Unpac.me sample submission download results check if already submitted MWDB query for confi
Preventing 3rd Party DLLs from Injecting into your Malware
Doge-BlockDLLs Preventing 3rd Party DLLs from Injecting into your Malware The ACG (Arbitrary Code Guard) approach is left for the experts to implement Ref https://www.ired.team/offensive-secur
Simple unpacking script for Ezuri ELF Crypter
ezuri_unpack A simple unpacking script for the Ezuri ELF Crypter. Based on the analysis done by Ofer Caspi and Fernando Martinez of AT&T Alien Labs
GRONG is a DNS (Domain Name System) authoritative name server. It is more a research project than a production-ready program.
GRONG (Gross and ROugh Nameserver written in Go) is a DNS (Domain Name System) authoritative name server. It is intended as a research project and is