DissectMalware / XLMMacroDeobfuscator
Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
☆568Updated 4 months ago
Related projects: ⓘ
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆518Updated this week
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆697Updated last year
- PowerShell script for deobfuscating encoded PowerShell scripts☆416Updated 3 years ago
- MBC content in markdown☆358Updated this week
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆722Updated 2 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆360Updated 2 years ago
- Dynamic unpacker based on PE-sieve☆650Updated 6 months ago
- IOC from articles, tweets for archives☆310Updated 9 months ago
- Malduck is your ducky companion in malware analysis journeys☆313Updated 3 months ago
- Collection of private Yara rules.☆317Updated last month
- The multi-platform memory acquisition tool.☆671Updated 2 months ago
- ☆1,980Updated last year
- Volatility plugin for extracts configuration data of known malware☆480Updated 8 months ago
- Repository of YARA rules made by Trellix ATR Team☆560Updated 8 months ago
- ☆1,457Updated 2 weeks ago
- ☆1,008Updated 9 months ago
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs☆658Updated 6 months ago
- Distributed malware processing framework based on Python, Redis and S3.☆381Updated last week
- ☆722Updated last year
- c2 traffic☆187Updated last year
- LSASS memory dumper using direct system calls and API unhooking.☆1,469Updated 3 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,081Updated last year
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆163Updated 3 weeks ago
- ☆503Updated last month
- Expriments☆438Updated 4 months ago
- ReversingLabs YARA Rules☆744Updated last week
- Sophos-originated indicators-of-compromise from published reports☆534Updated last week
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆376Updated 2 months ago
- Malware repository component for samples & static configuration with REST API interface.☆311Updated 2 weeks ago
- YARA malware query accelerator (web frontend)