PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs dynamic analysis of the code, extracting malware-hosting URLs and checking the HTTP response. It can also detect whether the malware attempts to inject shellcode into memory.
☆233 Apr 28, 2024 Updated last year
Alternatives and similar repositories for PowerDecode
Users that are interested in PowerDecode are comparing it to the libraries listed below.
- PowerShell script for deobfuscating encoded PowerShell scripts ☆437 Feb 4, 2021 Updated 5 years ago
- Volatility 3 Plugins ☆21 Oct 3, 2022 Updated 3 years ago
- A tool for de-obfuscating PowerShell scripts ☆71 Apr 24, 2019 Updated 6 years ago
- A C2 framework inspired by anime, made in python. ☆12 Feb 8, 2026 Updated 2 months ago
- A guide to using Azure Data Explorer and KQL for DFIR ☆124 May 16, 2022 Updated 3 years ago
- MS Graph Commands and Tools for Blue Teamers ☆51 Feb 4, 2026 Updated 2 months ago
- Help deobfuscate VBScript ☆18 Jul 1, 2022 Updated 3 years ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆479 Oct 29, 2025 Updated 5 months ago
- ☆183 Apr 24, 2025 Updated 11 months ago
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,497 Apr 1, 2026 Updated last week
- Enumeration & fingerprint tool ☆23 Mar 3, 2024 Updated 2 years ago
- ☆19 Oct 23, 2020 Updated 5 years ago
- Artifact collection tool for *nix systems ☆215 Mar 20, 2024 Updated 2 years ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID ☆583 Dec 6, 2025 Updated 4 months ago
- Evtx Log (xml) Browser ☆59 Mar 12, 2023 Updated 3 years ago
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024 ☆39 Oct 20, 2025 Updated 5 months ago
- ☆14 Sep 26, 2023 Updated 2 years ago
- Go fastcall analysis for ida decompiler ☆46 Jun 25, 2025 Updated 9 months ago
- Adversary Simulation Framework ☆39 Aug 19, 2025 Updated 7 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆801 Updated this week
- A powershell parser for https://github.com/ufrisk/MemProcFS ☆45 May 12, 2021 Updated 4 years ago
- IDA plugin to deobfuscate emotet CFF ☆18 Apr 26, 2022 Updated 3 years ago
- A curated list of KAPE-related resources ☆185 May 1, 2025 Updated 11 months ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices. ☆112 Aug 26, 2024 Updated last year
- A standalone DLL that exports databases in cleartext once injected in the KeePass process. ☆301 Mar 1, 2023 Updated 3 years ago
- Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows… ☆2,081 Dec 11, 2024 Updated last year
- Windows symbol tables for Volatility 3 ☆93 Jul 11, 2024 Updated last year
- An ADCS honeypot to catch attackers in your internal network. ☆327 Jun 27, 2024 Updated last year
- NTFS file system specimens ☆13 Jul 3, 2023 Updated 2 years ago
- IDA plugin helping reverse-engineering rust binaries ☆33 Jul 31, 2024 Updated last year
- Klara docker compose ☆11 May 19, 2020 Updated 5 years ago
- Practical Windows Forensics Training ☆761 Feb 16, 2026 Updated last month
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,106 Mar 21, 2026 Updated 3 weeks ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆119 Apr 8, 2023 Updated 3 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis ☆12 Oct 1, 2022 Updated 3 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product ☆80 Sep 9, 2024 Updated last year
- A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight,… ☆41 Oct 24, 2025 Updated 5 months ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de… ☆819 Mar 6, 2026 Updated last month
- Malware Samples that could be used for teaching students about malware analysis. ☆64 Apr 8, 2024 Updated 2 years ago