JohnLaTwC/PyPowerShellXray external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

JohnLaTwC/PyPowerShellXray

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/JohnLaTwC/PyPowerShellXray)

Close

JohnLaTwC / PyPowerShellXrayView on GitHubMore

• External links
• Readme badge

Python script to decode common encoded PowerShell scripts

☆216Jun 13, 2018Updated 7 years ago

Alternatives and similar repositories for PyPowerShellXray

Users that are interested in PyPowerShellXray are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• THIBER-ORG / userline

  View on GitHub
  Query and report user logons relations from MS Windows Security Events
  ☆243Aug 9, 2018Updated 7 years ago
• williballenthin / process-forest

  View on GitHub
  Reconstruct process trees from event logs
  ☆148Aug 12, 2020Updated 5 years ago
• darkquasar / WMI_Persistence

  View on GitHub
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆88Oct 6, 2017Updated 8 years ago
• swackhamer / vt_notification_puller

  View on GitHub
  VirusTotal Intelligence Notification Puller
  ☆28Jun 29, 2016Updated 9 years ago
• danielbohannon / Revoke-Obfuscation

  View on GitHub
  PowerShell Obfuscation Detection Framework
  ☆753Dec 1, 2023Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• bonifield / volatilityGrapher

  View on GitHub
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Mar 3, 2019Updated 7 years ago
• danielbohannon / Out-FINcodedCommand

  View on GitHub
  POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…
  ☆108Jul 2, 2017Updated 8 years ago
• Arno0x / PowerShellScripts

  View on GitHub
  Collection of PowerShell scripts
  ☆451Dec 18, 2017Updated 8 years ago
• msuhanov / regf-samples

  View on GitHub
  Windows registry samples
  ☆24Nov 18, 2018Updated 7 years ago
• ctxis / CAPE

  View on GitHub
  Malware Configuration And Payload Extraction
  ☆760Nov 22, 2024Updated last year
• mbevilacqua / appcompatprocessor

  View on GitHub
  "Evolving AppCompat/AmCache data analysis beyond grep"
  ☆212Sep 15, 2021Updated 4 years ago
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,435Nov 16, 2023Updated 2 years ago
• Invoke-IR / ACE

  View on GitHub
  Automated, Collection, and Enrichment Platform
  ☆326Nov 14, 2019Updated 6 years ago
• devgc / EventMonkey

  View on GitHub
  A Windows Event Processing Utility
  ☆47Feb 21, 2018Updated 8 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆350Mar 19, 2021Updated 5 years ago
• matthastings / PSalander

  View on GitHub
  ☆52Sep 17, 2018Updated 7 years ago
• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆215May 12, 2026Updated 3 weeks ago
• Invoke-IR / Uproot

  View on GitHub
  Currently not updated for WMIEvent module...
  ☆263Feb 23, 2016Updated 10 years ago
• PUNCH-Cyber / stoq

  View on GitHub
  An open source framework for enterprise level automated analysis.
  ☆392Jun 27, 2022Updated 3 years ago
• CrowdStrike / Forensics

  View on GitHub
  Scripts and code referenced in CrowdStrike blog posts
  ☆340Nov 13, 2019Updated 6 years ago
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆940Dec 12, 2023Updated 2 years ago
• codexgigassys / codex-backend

  View on GitHub
  Codex Gigas malware DNA profiling search engine discovers malware patterns and characteristics assisting individuals who are attracted in…
  ☆156Dec 20, 2019Updated 6 years ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆508Oct 21, 2022Updated 3 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• mattifestation / CimSweep

  View on GitHub
  CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…
  ☆658Aug 19, 2019Updated 6 years ago
• SupportIntelligence / Icewater

  View on GitHub
  16,432 Free Yara rules created by
  ☆390Jun 1, 2019Updated 7 years ago
• hasherezade / malware_analysis

  View on GitHub
  Various snippets created during malware analysis
  ☆467Oct 3, 2025Updated 8 months ago
• jjo-sec / volatility_plugins

  View on GitHub
  Volatility Plugins
  ☆22May 1, 2015Updated 11 years ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• davidpany / WMI_Forensics

  View on GitHub
  ☆314Aug 14, 2020Updated 5 years ago
• PoorBillionaire / USN-Record-Carver

  View on GitHub
  Carve NTFS USN records from binary data
  ☆27May 21, 2017Updated 9 years ago
• DissectMalware / MalwareCMDMonitor

  View on GitHub
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Sep 18, 2018Updated 7 years ago
• AlienVault-OTX / yabin

  View on GitHub
  A Yara rule generator for finding related samples and hunting
  ☆165Sep 11, 2022Updated 3 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• PUNCH-Cyber / YaraGuardian

  View on GitHub
  Django web interface for managing Yara rules
  ☆196Jul 28, 2018Updated 7 years ago
• matonis / page_brute

  View on GitHub
  Page File analysis tools.
  ☆130Dec 3, 2015Updated 10 years ago
• mkorman90 / VolatilityBot

  View on GitHub
  VolatilityBot – An automated memory analyzer for malware samples and memory dumps
  ☆268Jun 15, 2021Updated 4 years ago
• JohnLaTwC / MacroJob

  View on GitHub
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆40Dec 20, 2016Updated 9 years ago
• JamesHabben / evolve

  View on GitHub
  Web interface for the Volatility Memory Forensics Framework
  ☆259Nov 21, 2017Updated 8 years ago
• decalage2 / ViperMonkey

  View on GitHub
  A VBA parser and emulation engine to analyze malicious macros.
  ☆1,122Jul 10, 2024Updated last year
• JavelinNetworks / IR-Tools

  View on GitHub
  IR-Tools - PowerShell tools for IR
  ☆131Jul 10, 2017Updated 8 years ago