DissectMalware / batch_deobfuscatorLinks
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
☆162Updated 2 years ago
Alternatives and similar repositories for batch_deobfuscator
Users that are interested in batch_deobfuscator are comparing it to the libraries listed below
Sorting:
- Extract AutoIt scripts embedded in PE binaries☆193Updated last year
- A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to …☆306Updated last month
- A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analys…☆382Updated 7 months ago
- 👁🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.☆141Updated 2 months ago
- Batch script to compile a binary shellcode blob into an exe file☆88Updated 6 years ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆187Updated 3 weeks ago
- Personal research and publication on malware families☆140Updated 8 months ago
- A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck☆131Updated last year
- An automatic unpacker and logger for DotNet Framework targeting files☆256Updated 2 years ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆181Updated last month
- Hatching Triage public command-line utility and API library.☆71Updated last year
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks☆67Updated 4 years ago
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆119Updated 2 years ago
- Research on Anti-malware and other related security solutions☆260Updated 5 years ago
- API Logger for Windows Executables☆78Updated 4 years ago
- A golang CLI tool to download malware from a variety of sources.☆150Updated last month
- ☆136Updated 5 months ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆166Updated 3 weeks ago
- Dump quarantined files from Windows Defender☆65Updated 3 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…☆214Updated 3 years ago
- Get-UnJlaive is tool which is able to reconstruct Jlaive (.NET Antivirus Evasion Tool (Exe2Bat)) to original Assembly and stub Assembly.☆22Updated 3 years ago
- ☆106Updated last year
- VirusTotal Intelligence Search☆38Updated 5 years ago
- Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years.☆65Updated 7 years ago
- Malware Configuration Extraction Modules☆51Updated last year
- Win 10/11 related research☆192Updated last year
- PoC Thread Execution Hijacking for Win32 Code Injection☆178Updated last year
- A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python…☆139Updated 2 years ago
- This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or …☆287Updated last year
- Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…☆138Updated 5 years ago