GDATASoftwareAG / TypeRefHasher
CLI tool to compute the TypeRefHash for .NET binaries.
☆20 Updated 2 years ago
Related projects:
- ☆31 Updated 2 years ago
- Invoke-DetectItEasy is a wrapper for the excellent tool Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics. ☆23 Updated 2 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection ☆28 Updated 3 years ago
- Generates YARA rules to detect malware using API hashing ☆17 Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events ☆37 Updated last year
- Extract data of TTD trace file to a minidump ☆28 Updated last year
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique ☆50 Updated 5 years ago
- Collection of my own detection rules ☆13 Updated 7 months ago
- Specialized tool to dump Position Independent Code. ☆21 Updated 4 years ago
- ☆23 Updated 9 months ago
- Tool to decrypt the configuration of NanoCore and dump all used plugins ☆10 Updated 3 years ago
- A set of tools for collecting forensic information ☆24 Updated 4 years ago
- Decode Royal Road RTF Weaponizer 8.t object ☆22 Updated 2 months ago
- Scripts, Yara rules and other files developed during malware investigations ☆24 Updated 2 years ago
- ☆12 Updated 3 years ago
- A PowerShell parser for https://github.com/ufrisk/MemProcFS ☆43 Updated 3 years ago
- Converts exported results of the CAPA tool from .json format to other formats supported by different tools. ☆21 Updated 2 years ago
- ☆25 Updated 9 months ago
- ☆23 Updated 5 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆49 Updated 2 years ago
- Trace ScriptBlock execution for PowerShell v2 ☆39 Updated 4 years ago
- Simple tool that uses LsaManageSidNameMapping to get LSA to add or remove SID-to-name mappings. ☆23 Updated 3 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis ☆13 Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy ☆40 Updated 2 weeks ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals ☆14 Updated 4 years ago
- ☆18 Updated 3 years ago
- ☆43 Updated 10 months ago
- lnk_parser is a full Rust implementation to parse Windows LNK files ☆16 Updated last year
- Steezy - Ghetto Yara Generation ☆15 Updated last year
- Help deobfuscate VBScript ☆15 Updated 2 years ago