DissectMalware / pyOneNote
A python library to parse OneNote (.one) files
☆131Updated 7 months ago
Alternatives and similar repositories for pyOneNote:
Users that are interested in pyOneNote are comparing it to the libraries listed below
- Rules Shared by the Community from 100 Days of YARA 2023☆77Updated last year
- YARA rule analyzer to improve rule quality and performance☆96Updated last month
- Elastic Security Labs releases☆57Updated 3 months ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆138Updated last year
- A C# based tool for analysing malicious OneNote documents☆110Updated last year
- Rules shared by the community from 100 Days of YARA 2024☆83Updated last month
- ☆65Updated this week
- Collection of rules created using YARA-Signator over Malpedia☆127Updated 3 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆153Updated 2 months ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆112Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- A guide on how to write fast and memory friendly YARA rules☆136Updated last week
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…☆80Updated 7 months ago
- JPCERT/CC public YARA rules repository☆106Updated 2 months ago
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆113Updated last year
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- Python based CLI for MalwareBazaar☆36Updated 3 months ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆110Updated last year
- Carve file metadata from NTFS index ($I30) attributes☆63Updated last year
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆85Updated 2 years ago
- ☆232Updated 9 months ago
- A golang CLI tool to download malware from a variety of sources.☆142Updated last year
- A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.☆30Updated last year
- Malware Configuration Extraction Modules☆48Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆51Updated last year
- ☆104Updated last year
- ☆112Updated this week
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html☆121Updated 7 months ago
- Initial triage of Windows Event logs☆95Updated 8 months ago
- Multi-quarantine extractor☆40Updated 4 months ago