MalwareCantFly / Vba2Graph
Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.
☆272Updated 2 years ago
Related projects: ⓘ
- A VBA p-code disassembler☆450Updated 3 years ago
- Allows you to quickly query a Windows machine for RAM artifacts☆218Updated 4 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps☆263Updated 3 years ago
- Python script to decode common encoded PowerShell scripts☆214Updated 6 years ago
- VBA Dynamic Hook dynamically analyzes VBA macros inside Office documents by hooking function calls☆145Updated 8 years ago
- Windows Live Artifacts Acquisition Script☆181Updated 2 years ago
- Query and report user logons relations from MS Windows Security Events☆240Updated 6 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆90Updated this week
- Pafish Macro is a Macro enabled Office Document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques …☆278Updated 7 years ago
- ☆150Updated 5 years ago
- Differential Analysis of Malware in Memory☆209Updated 7 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆180Updated 4 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆111Updated 3 months ago
- snake - a malware storage zoo☆217Updated last year
- Reconstruct process trees from event logs☆143Updated 4 years ago
- A modern Python-3-based alternative to RegRipper☆184Updated 11 months ago
- ☆210Updated this week
- ☆271Updated last year
- ☆101Updated this week
- ☆415Updated last year
- VolDiff: Malware Memory Footprint Analysis based on Volatility☆192Updated 7 years ago
- Lazy Office Analyzer☆118Updated 7 years ago
- Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain na…☆129Updated 4 years ago
- ☆344Updated 3 years ago
- Page File analysis tools.☆124Updated 8 years ago
- Django web interface for managing Yara rules☆189Updated 6 years ago
- Comae Hibernation File Decompressor☆141Updated last year
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆444Updated last year
- YARA malware query accelerator (web frontend)☆407Updated this week
- Set of Yara rules for finding files using magics headers☆134Updated 4 years ago