MalwareCantFly / Vba2Graph
Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
☆275Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for Vba2Graph
- Python script to decode common encoded PowerShell scripts☆215Updated 6 years ago
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆278Updated 7 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆263Updated 3 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Updated 4 years ago
- A VBA p-code disassembler☆458Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆92Updated 2 weeks ago
- snake - a malware storage zoo☆217Updated last year
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆146Updated 8 years ago
- ☆134Updated 5 years ago
- Lazy Office Analyzer☆119Updated 7 years ago
- Query and report user logons relations from MS Windows Security Events☆240Updated 6 years ago
- ☆150Updated 5 years ago
- ☆347Updated 3 years ago
- Windows Live Artifacts Acquisition Script☆183Updated 2 years ago
- Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …☆131Updated 2 years ago
- A modern Python-3-based alternative to RegRipper☆187Updated 2 weeks ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆255Updated 5 years ago
- Reconstruct process trees from event logs☆146Updated 4 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆189Updated 4 years ago
- ☆273Updated last year
- Miscellaneous Malware RE☆195Updated 2 years ago
- Set of Yara rules for finding files using magics headers☆135Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆80Updated 7 years ago
- ☆417Updated last year
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆443Updated 2 years ago
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions☆462Updated 3 years ago
- ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and man…☆300Updated 4 years ago