Malandrone / PowerDecode
PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs dynamic code analysis, extracting malware-hosting URLs and checking the HTTP response. It can also detect whether the malware attempts to inject shellcode into memory.
☆203 · Updated last year
Alternatives and similar repositories for PowerDecode
Users that are interested in PowerDecode are comparing it to the libraries listed below
- A ProcessMonitor visualization application written in Rust. ☆183 · Updated 2 years ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM. ☆193 · Updated last week
- A collection of tools and detections for the Sliver C2 Framework ☆128 · Updated 2 years ago
- A collection of tools, scripts and personal research ☆145 · Updated 3 weeks ago
- ☆204 · Updated 10 months ago
- Dump quarantined files from Windows Defender ☆65 · Updated 3 years ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆248 · Updated 5 months ago
- A curated list of resources for Volatility 2 & 3 ☆12 · Updated last year
- Repository of Yara Rules ☆115 · Updated 4 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi… ☆172 · Updated 4 months ago
- Windows symbol tables for Volatility 3 ☆89 · Updated last year
- Collection of Volatility2 profiles, generated against Linux kernels. ☆48 · Updated last week
- ☆161 · Updated 2 years ago
- Memory acquisition for Linux that makes sense. ☆203 · Updated last year
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆159 · Updated last year
- Collection of Linux and macOS Volatility3 Intermediate Symbol Files (ISF), suitable for memory analysis 🔍 ☆178 · Updated last week
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆217 · Updated 2 years ago
- RegRipper4.0 ☆62 · Updated 2 weeks ago
- ☆238 · Updated 2 months ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps. ☆287 · Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. T… ☆132 · Updated 7 months ago
- ☆252 · Updated last year
- Elastic Security Labs releases ☆80 · Updated last month
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR ☆671 · Updated last month
- Volatility3 Linux profiles ☆53 · Updated 2 months ago
- Python tool to check rootkits in Windows kernel ☆199 · Updated last week
- A C# based tool for analysing malicious OneNote documents ☆114 · Updated 2 years ago
- PowerShell Linter ☆80 · Updated last month
- The Windows Malware Analysis Reversing Core Tools ☆96 · Updated 4 years ago
- ☆503 · Updated last year