Windows link file (shortcuts) examiner
☆68Jun 9, 2024Updated last year
Alternatives and similar repositories for lifer
Users that are interested in lifer are comparing it to the libraries listed below
Sorting:
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- ☆14Aug 8, 2022Updated 3 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Print the strings of encoded printable characters in files☆12Jul 19, 2015Updated 10 years ago
- Network Forensics Workshop Files☆17Apr 21, 2015Updated 10 years ago
- Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents.☆280Dec 13, 2021Updated 4 years ago
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated last year
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- Scripts and Modules for forensical analyses of mysql database systems☆22Sep 19, 2014Updated 11 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- Malware/IOC ingestion and processing engine☆109Nov 20, 2018Updated 7 years ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆209Mar 12, 2025Updated 11 months ago
- A simple Linux TCP client-server proxy able to redirect all data from one address to another by preserving source IP address.☆17Aug 23, 2017Updated 8 years ago
- Detours from binaries method entry/exit point to Python scripts (PIN, CPython API)☆31Mar 13, 2013Updated 12 years ago
- Various snippets created during malware analysis☆22Apr 29, 2018Updated 7 years ago
- Event Tracing for Windows Custom Events☆21Jan 28, 2015Updated 11 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- Automated forensics written in PowerShell☆34Sep 29, 2019Updated 6 years ago
- PoC CVE-2020-6308☆36Dec 29, 2020Updated 5 years ago
- OpenCL Digital Forensics data analysis and file carving tool☆24May 14, 2023Updated 2 years ago
- Volatility, on Docker 🐳☆41Nov 20, 2025Updated 3 months ago
- Tools to assist in forensicating docker☆86Mar 5, 2025Updated last year
- Automated Memory Forensic☆34Jul 18, 2018Updated 7 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 5 years ago
- WIP Emotet Control Flow Unflattening using miasm and radare2☆23Dec 27, 2022Updated 3 years ago
- pwn & ctf tools for windows☆25Jun 21, 2020Updated 5 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 2 years ago
- A wireshark plugin to instrument ETW☆579Jan 28, 2022Updated 4 years ago
- a PE Loader and Windows API tracer. Useful in malware analysis.☆143Sep 19, 2022Updated 3 years ago
- R-CSIRT Linux Triage tool☆39Jun 28, 2018Updated 7 years ago
- A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to re…☆12Mar 13, 2016Updated 9 years ago
- Legacy version of libewf☆13Dec 20, 2025Updated 2 months ago
- CAPE monitor DLLs☆42Dec 3, 2019Updated 6 years ago
- Here comes the paintrain!☆11Aug 8, 2016Updated 9 years ago
- Threat Intel and Incident Reponse☆10Aug 29, 2018Updated 7 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Packed Malware Analyzer (PACKMAN)☆12Jan 31, 2016Updated 10 years ago
- A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")☆11Apr 16, 2020Updated 5 years ago