An exercise to practice deobfuscating PowerShell Scripts.
☆26Feb 10, 2023Updated 3 years ago
Alternatives and similar repositories for PowerShell-Deobfuscation-Exercise
Users that are interested in PowerShell-Deobfuscation-Exercise are comparing it to the libraries listed below
Sorting:
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- My attempts at making life with VMware that little bit easier.☆11Aug 7, 2023Updated 2 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- ☆11Aug 3, 2018Updated 7 years ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆103Jan 13, 2026Updated last month
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 3 months ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- ☆18Jul 4, 2019Updated 6 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Analysis of the major exploits that took place on the Ethereum blockchain☆17Oct 31, 2022Updated 3 years ago
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆38Jun 26, 2025Updated 8 months ago
- Backstage Parser☆33Jun 23, 2022Updated 3 years ago
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- This repository contains a variety of plugins and scripts, related to the Volatility framework.☆17Feb 9, 2025Updated last year
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Updated this week
- ☆15Sep 26, 2022Updated 3 years ago
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- Autopsy Module to analyze Registry Hives☆16Feb 18, 2022Updated 4 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆64Dec 18, 2024Updated last year
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆18Sep 3, 2024Updated last year
- CryptnetURLCacheParser is a tool to parse CryptAPI cache files☆20Aug 3, 2024Updated last year
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- ☆35Oct 20, 2024Updated last year
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆64Dec 21, 2022Updated 3 years ago
- Python web app for previewing data in a Chrome Profile Folder☆23Jul 1, 2024Updated last year
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators☆22Mar 5, 2024Updated last year
- ☆20Jan 10, 2025Updated last year
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.☆51Apr 9, 2019Updated 6 years ago