Python script to decode common encoded PowerShell scripts
☆217Jun 13, 2018Updated 7 years ago
Alternatives and similar repositories for PyPowerShellXray
Users that are interested in PyPowerShellXray are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Query and report user logons relations from MS Windows Security Events☆244Aug 9, 2018Updated 7 years ago
- Reconstruct process trees from event logs☆148Aug 12, 2020Updated 5 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆88Oct 6, 2017Updated 8 years ago
- VirusTotal Intelligence Notification Puller☆28Jun 29, 2016Updated 9 years ago
- PowerShell Obfuscation Detection Framework☆754Dec 1, 2023Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Force-Directed Graph Generator for Volatility Ouputs☆26Mar 3, 2019Updated 7 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆105Jul 2, 2017Updated 8 years ago
- Collection of PowerShell scripts☆451Dec 18, 2017Updated 8 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Malware Configuration And Payload Extraction☆761Nov 22, 2024Updated last year
- "Evolving AppCompat/AmCache data analysis beyond grep"☆208Sep 15, 2021Updated 4 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,429Nov 16, 2023Updated 2 years ago
- Automated, Collection, and Enrichment Platform☆326Nov 14, 2019Updated 6 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆349Mar 19, 2021Updated 5 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- A modern Python-3-based alternative to RegRipper☆212Mar 31, 2025Updated last year
- An open source framework for enterprise level automated analysis.☆393Jun 27, 2022Updated 3 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- Scripts and code referenced in CrowdStrike blog posts☆340Nov 13, 2019Updated 6 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆939Dec 12, 2023Updated 2 years ago
- Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…☆156Dec 20, 2019Updated 6 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆506Oct 21, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆658Aug 19, 2019Updated 6 years ago
- 16,432 Free Yara rules created by☆391Jun 1, 2019Updated 6 years ago
- Various snippets created during malware analysis☆465Oct 3, 2025Updated 6 months ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- ☆312Aug 14, 2020Updated 5 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- A Yara rule generator for finding related samples and hunting☆164Sep 11, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Page File analysis tools.☆131Dec 3, 2015Updated 10 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆269Jun 15, 2021Updated 4 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆40Dec 20, 2016Updated 9 years ago
- Web interface for the Volatility Memory Forensics Framework☆260Nov 21, 2017Updated 8 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆1,118Jul 10, 2024Updated last year
- IR-Tools - PowerShell tools for IR☆130Jul 10, 2017Updated 8 years ago