DissectMalware / batch_deobfuscatorLinks
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
☆162Updated 2 years ago
Alternatives and similar repositories for batch_deobfuscator
Users that are interested in batch_deobfuscator are comparing it to the libraries listed below
Sorting:
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆352Updated 4 months ago
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆294Updated 2 years ago
- An automatic unpacker and logger for DotNet Framework targeting files☆252Updated last year
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆114Updated 2 years ago
- Extract AutoIt scripts embedded in PE binaries☆184Updated 10 months ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆205Updated 2 years ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆165Updated 2 months ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆165Updated last week
- Microsoft Windows DLL Export Browser (Enumerate Exports, COM Methods and Properties) with Advanced Search Features.☆222Updated 11 months ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆180Updated 3 years ago
- Dynamic unpacker based on PE-sieve☆732Updated last week
- Bootkit for Windows Sandbox to disable DSE/PatchGuard.☆280Updated 7 months ago
- API Logger for Windows Executables☆78Updated 4 years ago
- Demos of various (also non standard) persistence methods used by malware☆221Updated 2 years ago
- Easy way to obfuscuate batch files (Windows)☆149Updated 2 years ago
- Parsers for custom malware formats ("Funky malware formats")☆96Updated 3 years ago
- Unpacker and Config Extractor for managed Redline Stealer payloads☆41Updated 2 years ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆128Updated last year
- Evasions encyclopedia gathers methods used by malware to evade detection when run in virtualized environment. Methods are grouped into ca…☆409Updated 10 months ago
- Various Process Injection Techniques☆148Updated 2 years ago
- Repository of Yara Rules☆111Updated last month
- Command line access to the Registry☆147Updated last month
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆457Updated 3 years ago
- Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI☆236Updated last year
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆65Updated 3 years ago
- Hatching Triage public command-line utility and API library.☆67Updated last year
- Official VirusTotal plugin for IDA Pro☆157Updated last year
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆660Updated last year
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆333Updated 3 years ago
- ☆104Updated last year