MikeHorn-git / WAFSLinks
Hardened your Windows OS against forensics analysis
☆21Updated 6 months ago
Alternatives and similar repositories for WAFS
Users that are interested in WAFS are comparing it to the libraries listed below
Sorting:
- Lena's scripts/code/resources for malware analysis☆27Updated 11 months ago
- ☆27Updated 6 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆17Updated 5 months ago
- a tiny program to consume from ETW providers for research☆48Updated 5 months ago
- Hive v5 file decryption algorithm☆34Updated 2 years ago
- Linux #rootkit and #malware revealer☆25Updated 10 months ago
- Contains compiled binaries of Volatility☆33Updated 2 weeks ago
- Proof-of-concept modular implant platform leveraging v8☆53Updated 3 months ago
- A simple tool designed to create Atomic Red Team tests with ease.☆43Updated 2 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- ETW forensic tool for Volatility3 plugin☆15Updated 6 months ago
- ☆28Updated 4 months ago
- Parser for Windows PowerShell script block logs☆13Updated 5 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆52Updated 5 months ago
- ☆19Updated 2 years ago
- A full analysis report detailing as much as possible of a Malware or a Threat☆29Updated 11 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated last year
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- IDA Python scripts☆36Updated last month
- Static Decryptor for IcedID Malware☆18Updated 2 years ago
- Yara Rules for Modern Malware☆77Updated last year
- ☆39Updated last year
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆38Updated 3 years ago
- Malware Analysis tools☆26Updated 8 months ago
- Quick ESXi Log Parser☆20Updated 4 months ago
- ☆32Updated 2 years ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 3 months ago