Matmaus / LnkParse3Links
Windows Shortcut file (LNK) parser
☆98Updated 3 weeks ago
Alternatives and similar repositories for LnkParse3
Users that are interested in LnkParse3 are comparing it to the libraries listed below
Sorting:
- Dump quarantined files from Windows Defender☆67Updated 3 years ago
- Repository of Yara Rules☆122Updated 2 weeks ago
- A ProcessMonitor visualization application written in rust.☆184Updated 2 years ago
- ☆110Updated 3 weeks ago
- $MFT directory tree reconstruction & FILE record info☆311Updated 11 months ago
- Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.☆197Updated last week
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆37Updated 2 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆59Updated last year
- PowerDecode is a PowerShell-based tool that allows to deobfuscate PowerShell scripts obfuscated across multiple layers. The tool performs…☆209Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆220Updated 2 years ago
- Collection of rules created using YARA-Signator over Malpedia☆135Updated 10 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆163Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 6 months ago
- A guide on how to write fast and memory friendly YARA rules☆153Updated 7 months ago
- Powershell script deobfuscation using AST in Python☆71Updated last week
- ☆240Updated 3 months ago
- ☆20Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆83Updated 2 years ago
- Rules shared by the community from 100 Days of YARA 2024☆86Updated 9 months ago
- Windows symbol tables for Volatility 3☆90Updated last year
- Linpmem is a linux memory acquisition tool☆88Updated 3 months ago
- ☆113Updated 2 months ago
- Elastic Security Labs releases☆82Updated 3 months ago
- Batch script to compile a binary shellcode blob into an exe file☆88Updated 6 years ago
- Collection of malware persistence and hunting information. Be a persistent persistence hunter!☆181Updated 2 months ago
- Parses $MFT from NTFS file systems☆265Updated 4 months ago
- Python tool to check rootkits in Windows kernel☆201Updated last month
- ☆253Updated last year
- YARA rule analyzer to improve rule quality and performance☆103Updated 5 months ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆112Updated 4 years ago