Matmaus / LnkParse3
Windows Shortcut file (LNK) parser
☆71Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for LnkParse3
- Powershell script deobfuscation using AST in Python☆61Updated 10 months ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆36Updated last year
- ☆100Updated 11 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!☆82Updated last year
- VBScript & VBA source-to-source deobfuscator with partial-evaluation☆73Updated 3 months ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 11 months ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.☆113Updated last year
- Dump quarantined files from Windows Defender☆56Updated 2 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆89Updated 3 years ago
- Batch script to compile a binary shellcode blob into an exe file☆80Updated 5 years ago
- Windows symbol tables for Volatility 3☆72Updated 4 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…☆42Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆109Updated 4 months ago
- YARA Language Server☆68Updated this week
- Carve file metadata from NTFS index ($I30) attributes☆60Updated 9 months ago
- Finding secrets in kernel and user memory☆113Updated last year
- Native Python3 bindings for @horsicq's Detect-It-Easy☆48Updated 2 weeks ago
- Userland API monitor for threat hunting☆55Updated 4 years ago
- Repo containing my public talks☆22Updated last year
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆30Updated 4 years ago
- Malware Samples that could be used for teaching students about malware analysis.☆47Updated 7 months ago
- ☆109Updated this week
- Unprotect is a python tool for parsing PE malware and extract evasion techniques.☆111Updated last year
- Malware Configuration Extraction Modules☆47Updated 11 months ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago
- Rules Shared by the Community from 100 Days of YARA 2023☆77Updated last year
- ☆91Updated 2 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆49Updated 7 months ago