An exercise to practice deobfuscating PowerShell Scripts.
☆26Feb 10, 2023Updated 3 years ago
Alternatives and similar repositories for PowerShell-Deobfuscation-Exercise
Users that are interested in PowerShell-Deobfuscation-Exercise are comparing it to the libraries listed below
Sorting:
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 3 months ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 3 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- ☆11Aug 3, 2018Updated 7 years ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆103Jan 13, 2026Updated 2 months ago
- ☆18Jul 4, 2019Updated 6 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆71Feb 3, 2024Updated 2 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆65Dec 21, 2022Updated 3 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆64Dec 18, 2024Updated last year
- A .NET assembly tracer using Harmony for runtime method interception.☆50Oct 24, 2025Updated 4 months ago
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆383Dec 9, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- My attempts at making life with VMware that little bit easier.☆11Aug 7, 2023Updated 2 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆68Apr 29, 2024Updated last year
- Tools for macOS Forensic Bootable media☆16May 20, 2020Updated 5 years ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager.☆51Apr 9, 2019Updated 6 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- An efficient tool for extracting files, directories, and alternate data streams directly from NTFS image files.☆22Mar 12, 2026Updated last week
- ☆35Oct 20, 2024Updated last year
- ☆21May 10, 2017Updated 8 years ago
- Parsers for .mdf file of Microsoft SQL Server (MSSQL)☆15Mar 28, 2020Updated 5 years ago
- Various Topics☆18Apr 30, 2025Updated 10 months ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Event Tracing For Windows (ETW) Resources☆420Oct 30, 2025Updated 4 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆454Feb 18, 2026Updated last month
- This repository contains a variety of plugins and scripts, related to the Volatility framework.☆19Feb 9, 2025Updated last year
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Jul 18, 2018Updated 7 years ago
- A graphical ESE (aka ESENT or JET) database viewer.☆25Oct 26, 2015Updated 10 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Autopsy Module to analyze Registry Hives☆16Feb 18, 2022Updated 4 years ago
- Software installation scripts for macOS systems that allows you to setup a Virtual Machine (VM) for reverse engineering macOS malware☆38Feb 24, 2026Updated 3 weeks ago