MalwareCantFly / Vba2GraphLinks
Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
☆278Updated 3 years ago
Alternatives and similar repositories for Vba2Graph
Users that are interested in Vba2Graph are comparing it to the libraries listed below
Sorting:
- Allows you to quickly query a Windows machine for RAM artifacts☆221Updated 4 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆288Updated 8 years ago
- Python script to decode common encoded PowerShell scripts☆216Updated 7 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆264Updated 4 years ago
- snake - a malware storage zoo☆216Updated last year
- A modern Python-3-based alternative to RegRipper☆196Updated 2 months ago
- Windows Live Artifacts Acquisition Script☆188Updated 3 years ago
- Miscellaneous Malware RE☆196Updated 3 years ago
- A VBA p-code disassembler☆473Updated 4 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆148Updated 9 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated 2 weeks ago
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆194Updated 7 years ago
- ☆277Updated 2 years ago
- ☆151Updated 6 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆195Updated 3 months ago
- Page File analysis tools.☆127Updated 9 years ago
- For all these times you're asking yourself "what is this panel again?"☆255Updated 2 years ago
- Query and report user logons relations from MS Windows Security Events☆243Updated 6 years ago
- A Yara rule generator for finding related samples and hunting☆158Updated 2 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆138Updated 2 years ago
- ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and man…☆300Updated 5 years ago
- Differential Analysis of Malware in Memory☆212Updated 8 years ago
- Web App for Volatility framework☆381Updated 7 months ago
- ☆134Updated 6 years ago
- A tool for detecting VBA stomping.☆100Updated 2 years ago
- Web interface for the Volatility Memory Forensics Framework☆259Updated 7 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- YARA malware query accelerator (web frontend)☆431Updated 3 months ago
- DrSemu - Sandboxed Malware Detection and Classification Tool Based on Dynamic Behavior☆273Updated 5 years ago