Alternatives and similar repositories for etw-scan:

Users that are interested in etw-scan are comparing it to the libraries listed below

• herosi / triage-collector
  ☆21Updated 4 months ago
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated 8 months ago
• FarghlyMal / Config-Extractors
  ☆25Updated 2 months ago
• elceef / yara-rulz
  Collection of generic YARA rules
  ☆15Updated 8 months ago
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated 10 months ago
• rbmm / Services
  ☆18Updated last month
• woanware / etw-event-dumper
  ☆33Updated 2 years ago
• n1ght-w0lf / pe-unmapper
  A small tool to unmap PE memory dumps.
  ☆11Updated last year
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• milankovo / YaraVM
  This repository contains an IDA processor for loading and disassembling compiled yara rules.
  ☆34Updated last month
• JPCERTCC / SurfaceAnalysis-on-Cloud
  Surface Analysis System on Cloud
  ☆19Updated last year
• Dump-GUY / CAPA_JsonConver
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆22Updated 3 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 3 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 7 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• cod3nym / detection-rules
  Collection of my own detection rules
  ☆15Updated last year
• mandiant / vbScript_deobfuscator
  Help deobfuscate VBScript
  ☆15Updated 2 years ago
• Foolish1337 / kernel-programming
  Progress of learning kernel development
  ☆14Updated 2 years ago
• embee-research / Icedid-file-decryptor
  Static Decryptor for IcedID Malware
  ☆18Updated 2 years ago
• mandiant / win10_auto
  ☆24Updated 5 years ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆43Updated last year
• X-C3LL / memdlopen-lib
  ☆12Updated 2 years ago
• malsearchs / Static-Reverse-Engineering-SRE
  SRE - Dissecting Malware for Static Analysis & the Complete Command-line Tool
  ☆52Updated last month
• alexander-hanel / RenameLocalVars
  RenameLocalVars is an IDA plugin that renames local variables to something easier to read.
  ☆15Updated last year
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• SIFalcon / Detection
  ☆22Updated last year
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated last month
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆55Updated last year
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated 9 months ago
• NextronSystems / gimphash
  Imphash-like calculation on Golang binaries
  ☆49Updated 2 years ago