Malandrone / PowerDecode
PowerDecode is a PowerShell-based tool for deobfuscating PowerShell scripts that have been obfuscated across multiple layers. The tool performs dynamic code analysis, extracts malware-hosting URLs and checks their HTTP responses. It can also detect whether the malware attempts to inject shellcode into memory.
☆188 · Updated last year
Alternatives and similar repositories for PowerDecode
Users that are interested in PowerDecode are comparing it to the libraries listed below
- A collection of tools and detections for the Sliver C2 Framework ☆126 · Updated 2 years ago
- A ProcessMonitor visualization application written in Rust. ☆180 · Updated last year
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆180 · Updated last week
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆165 · Updated 2 months ago
- A collection of tools, scripts and personal research ☆128 · Updated last month
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆240 · Updated 2 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams and binary data, and incorporates a YARA scanner. ☆212 · Updated 2 years ago
- DPAPILAB Next Gen, script collection ☆83 · Updated 2 years ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆144 · Updated 10 months ago
- Collection of Volatility2 profiles, generated against Linux kernels. ☆43 · Updated 3 weeks ago
- Windows symbol tables for Volatility 3 ☆86 · Updated 10 months ago
- Repository of Yara Rules ☆111 · Updated last month
- A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates. ☆182 · Updated 2 months ago
- Analyse your malware to surgically obfuscate it ☆469 · Updated last week
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK ☆329 · Updated 2 years ago
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍 ☆141 · Updated 3 weeks ago
- AV/EDR Lab environment setup references to help in Malware development ☆385 · Updated 3 months ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆276 · Updated last year
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. ☆264 · Updated last year
- Python tool to check for rootkits in the Windows kernel ☆196 · Updated 3 months ago
- Aims to identify sleeping beacons ☆596 · Updated 5 months ago
- Dump quarantined files from Windows Defender ☆63 · Updated 3 years ago
- The Windows Malware Analysis Reversing Core Tools ☆95 · Updated 4 years ago