DissectMalware / batch_deobfuscator
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
☆157Updated 2 years ago
Alternatives and similar repositories for batch_deobfuscator:
Users that are interested in batch_deobfuscator are comparing it to the libraries listed below
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆289Updated last year
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆340Updated 2 months ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆163Updated 3 weeks ago
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆114Updated last year
- Unpacker and Config Extractor for managed Redline Stealer payloads☆40Updated 2 years ago
- Dump quarantined files from Windows Defender☆62Updated 2 years ago
- Dynamic unpacker based on PE-sieve☆717Updated 2 weeks ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆63Updated 7 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆180Updated 3 years ago
- Batch script to compile a binary shellcode blob into an exe file☆84Updated 5 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆127Updated last year
- An automatic unpacker and logger for DotNet Framework targeting files☆252Updated last year
- Extract AutoIt scripts embedded in PE binaries☆181Updated 8 months ago
- VSCode extension for the YARA pattern matching language☆64Updated last year
- Malware Configuration Extraction Modules☆49Updated last year
- Repository of Yara Rules☆103Updated last month
- Various Process Injection Techniques☆148Updated 2 years ago
- Code snips and notes☆135Updated 3 years ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆158Updated last month
- API Logger for Windows Executables☆78Updated 4 years ago
- ☆105Updated last year
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆203Updated 2 years ago
- A more stealthy variant of "DLL hollowing"☆342Updated last year
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- A golang CLI tool to download malware from a variety of sources.☆142Updated last year
- A curated list of malware repositories, trackers and malware analysis tools☆83Updated 2 years ago
- Killing your preferred antimalware by abusing native symbolic links and NT paths.☆356Updated 3 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆108Updated 3 years ago
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆178Updated 11 months ago
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆274Updated 5 months ago