Skip to content

lacework-dev/LW_Ghidra_Scripts_PUBLIC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
ghidra_scripts
ghidra_scripts
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

LW_Ghidra_Scripts_PUBLIC

Ghidra scripts developed by Lacework Labs to aid in research and malware analysis.

Scripts

  • PwnKatien: A script to extract configuration information from Katien, Tsunami, and Ziggystratux IRC bots.

  • PwnRig: A script to extract configuration information from "PwnRig" Cryptocurrency miners.

  • HCRootkit_Sutersu: Extract embedded IPs from HC Rootkit samples.

  • HC_Dropper_ID: Identify embedded ELFs in coreutil dropper binaries.

About

Lacework Labs scripts for Malware analysis &Research

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

7 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages