GDATASoftwareAG / TypeRefHasher

Related projects: ⓘ

• woanware / etw-event-dumper
  ☆31Updated 2 years ago
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆23Updated 2 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆28Updated 3 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 3 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆37Updated last year
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• WithSecureLabs / dotnet-gargoyle
  A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
  ☆50Updated 5 years ago
• cod3nym / detection-rules
  Collection of my own detection rules
  ☆13Updated 7 months ago
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆21Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆23Updated 9 months ago
• NexusFuzzy / NanoDump
  Tool to decrypt the configuration of NanoCore and dump all used plugins
  ☆10Updated 3 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆24Updated 4 years ago
• nao-sec / rr_decoder
  Decode Royal Road RTF Weaponizer 8.t object
  ☆22Updated 2 months ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆24Updated 2 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆43Updated 3 years ago
• Dump-GUY / CAPA_JsonConver
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆21Updated 2 years ago
• connormcgarr / Presentations
  ☆25Updated 9 months ago
• mandiant / win10_auto
  ☆23Updated 5 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆49Updated 2 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆39Updated 4 years ago
• tyranid / setsidmapping
  Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.
  ☆23Updated 3 years ago
• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated last year
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆40Updated 2 weeks ago
• DissectMalware / npp-langs-4-sec
  Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals
  ☆14Updated 4 years ago
• mauronz / binja-emotet
  ☆18Updated 3 years ago
• jsecurity101 / LDAPMon
  ☆43Updated 10 months ago
• AbdulRhmanAlfaifi / lnk_parser
  lnk_parser is a full rust implementation to parse windows LNK files
  ☆16Updated last year
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated last year
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆15Updated 2 years ago